Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2024-12970 OS Command Injection in CVE-2024-12970 (CVE-2024-12970)
OS command injection in CVE-2024-12970 (CVE-2024-12970). Risk of unauthorized operations or information disclosure.
CVE-2024-48197 Cross-Site Scripting (XSS) in CVE-2024-48197 (CVE-2024-48197)
cross-site scripting in CVE-2024-48197 (CVE-2024-48197). Risk of unauthorized operations or information disclosure.
CVE-2024-45497 Vulnerability in dos (CVE-2024-45497)
vulnerability in dos (CVE-2024-45497). Risk of unauthorized operations or information disclosure.
CVE-2024-3393 KEV [KEV] Vulnerability in Palo alto networks palo-alto-networks (CVE-2024-3393)
vulnerability in Palo alto networks palo-alto-networks (CVE-2024-3393). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-56727 Vulnerability in c (CVE-2024-56727)
vulnerability in c (CVE-2024-56727). Risk of unauthorized operations or information disclosure.
CVE-2024-56703 Vulnerability in linux (CVE-2024-56703)
vulnerability in linux (CVE-2024-56703). Risk of unauthorized operations or information disclosure. Exploitable via ``bird``.
CVE-2024-56732 Vulnerability in harfbuzz-project (CVE-2024-56732)
vulnerability in harfbuzz-project (CVE-2024-56732). Successful exploitation can lead to full system takeover.
CVE-2024-56672 Use-After-Free in linux (CVE-2024-56672)
vulnerability in linux (CVE-2024-56672). Successful exploitation can lead to full system takeover.
CVE-2024-56631 Use-After-Free in c (CVE-2024-56631)
vulnerability in c (CVE-2024-56631). Successful exploitation can lead to full system takeover.
CVE-2024-53221 Vulnerability in linux (CVE-2024-53221)
vulnerability in linux (CVE-2024-53221). Risk of unauthorized operations or information disclosure.
CVE-2024-53213 Vulnerability in linux (CVE-2024-53213)
vulnerability in linux (CVE-2024-53213). Successful exploitation can lead to full system takeover. Exploitable via ``buf``.
CVE-2024-53170 Use-After-Free in c (CVE-2024-53170)
vulnerability in c (CVE-2024-53170). Successful exploitation can lead to full system takeover.
CVE-2024-53166 Use-After-Free in linux (CVE-2024-53166)
vulnerability in linux (CVE-2024-53166). Successful exploitation can lead to full system takeover.
CVE-2024-8950 SQL Injection in sqli (CVE-2024-8950)
SQL injection in sqli (CVE-2024-8950). Successful exploitation can lead to full system takeover.
CVE-2024-12582 Vulnerability in dos (CVE-2024-12582)
vulnerability in dos (CVE-2024-12582). Risk of unauthorized operations or information disclosure.
CVE-2021-44207 KEV [KEV] Vulnerability in Acclaim systems acclaim-systems (CVE-2021-44207)
vulnerability in Acclaim systems acclaim-systems (CVE-2021-44207). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-10244 SQL Injection in sqli (CVE-2024-10244)
SQL injection in sqli (CVE-2024-10244). Successful exploitation can lead to full system takeover.
CVE-2024-12356 KEV [KEV] Command Injection in Beyondtrust privileged-remote-access-pra-and-remote-support-rs (CVE-2024-12356)
command injection in Beyondtrust privileged-remote-access-pra-and-remote-support-rs (CVE-2024-12356). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-40407 KEV [KEV] OS Command Injection in Reolink rlc-410w-ip-camera (CVE-2021-40407)
OS command injection in Reolink rlc-410w-ip-camera (CVE-2021-40407). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-11001 KEV [KEV] OS Command Injection in Reolink multiple-ip-cameras (CVE-2019-11001)
OS command injection in Reolink multiple-ip-cameras (CVE-2019-11001). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2018-14933 KEV [KEV] OS Command Injection in Nuuo nvrmini-devices (CVE-2018-14933)
OS command injection in Nuuo nvrmini-devices (CVE-2018-14933). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-23227 KEV [KEV] Vulnerability in Nuuo nvrmini2-devices (CVE-2022-23227)
vulnerability in Nuuo nvrmini2-devices (CVE-2022-23227). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-8972 SQL Injection in sqli (CVE-2024-8972)
SQL injection in sqli (CVE-2024-8972). Successful exploitation can lead to full system takeover.
CVE-2024-55956 KEV [KEV] Vulnerability in Cleo multiple-products (CVE-2024-55956)
vulnerability in Cleo multiple-products (CVE-2024-55956). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-37776 Cross-Site Scripting (XSS) in sunbirddcim (CVE-2024-37776)
cross-site scripting in sunbirddcim (CVE-2024-37776). Risk of unauthorized operations or information disclosure.
CVE-2024-37774 Cross-Site Request Forgery (CSRF) in csrf (CVE-2024-37774)
vulnerability in csrf (CVE-2024-37774). Successful exploitation can lead to full system takeover.
CVE-2024-37775 Authorization Flaw in sunbirddcim (CVE-2024-37775)
vulnerability in sunbirddcim (CVE-2024-37775). Data can be tampered with by attackers.
CVE-2024-37773 Code Injection in sunbirddcim (CVE-2024-37773)
code injection in sunbirddcim (CVE-2024-37773). Risk of unauthorized operations or information disclosure.
CVE-2024-20767 KEV [KEV] Vulnerability in Adobe coldfusion (CVE-2024-20767)
vulnerability in Adobe coldfusion (CVE-2024-20767). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-35250 KEV [KEV] Vulnerability in Microsoft windows (CVE-2024-35250)
vulnerability in Microsoft windows (CVE-2024-35250). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-50623 KEV [KEV] Unrestricted File Upload in Cleo multiple-products (CVE-2024-50623)
vulnerability in Cleo multiple-products (CVE-2024-50623). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-55875 Information Disclosure in org.http4k:http4k-format-xml (CVE-2024-55875)
vulnerability in org.http4k:http4k-format-xml (CVE-2024-55875). Successful exploitation can lead to full system takeover. Exploitable via ``DocumentBuilderFactory``. Mitigation: upgrade to `6.50.0.0` or later.
CVE-2024-54508 Out-of-Bounds Read in apple (CVE-2024-54508)
vulnerability in apple (CVE-2024-54508). Risk of unauthorized operations or information disclosure.
CVE-2024-53481 Cross-Site Scripting (XSS) in phpgurukul (CVE-2024-53481)
cross-site scripting in phpgurukul (CVE-2024-53481). Risk of unauthorized operations or information disclosure.
CVE-2024-53480 SQL Injection in sqli (CVE-2024-53480)
SQL injection in sqli (CVE-2024-53480). Successful exploitation can lead to full system takeover. Exploitable via ``login.php``.
CVE-2024-53866 Vulnerability in pnpm (CVE-2024-53866)
vulnerability in pnpm (CVE-2024-53866). Successful exploitation can lead to full system takeover.
CVE-2024-49138 KEV [KEV] Vulnerability in Microsoft windows (CVE-2024-49138)
vulnerability in Microsoft windows (CVE-2024-49138). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-40582 Pentaminds CuroVMS v2.0.1 was discovered to contain exposed sensitive information.
Pentaminds CuroVMS v2.0.1 was discovered to contain exposed sensitive information.
CVE-2024-40583 Pentaminds CuroVMS v2.0.1 was discovered to contain exposed credentials.
Pentaminds CuroVMS v2.0.1 was discovered to contain exposed credentials.
CVE-2024-8259 SQL Injection in sqli (CVE-2024-8259)
SQL injection in sqli (CVE-2024-8259). Successful exploitation can lead to full system takeover.
CVE-2024-54216 Vulnerability in path-traversal (CVE-2024-54216)
vulnerability in path-traversal (CVE-2024-54216). Confidential information can be exposed externally.
CVE-2024-11321 Cross-Site Scripting (XSS) in CVE-2024-11321 (CVE-2024-11321)
cross-site scripting in CVE-2024-11321 (CVE-2024-11321). Risk of unauthorized operations or information disclosure.
CVE-2024-53614 Vulnerability in CVE-2024-53614 (CVE-2024-53614)
vulnerability in CVE-2024-53614 (CVE-2024-53614). Confidential information can be exposed externally.
CVE-2024-7488 Vulnerability in CVE-2024-7488 (CVE-2024-7488)
vulnerability in CVE-2024-7488 (CVE-2024-7488). Risk of unauthorized operations or information disclosure.
CVE-2024-51378 KEV [KEV] Vulnerability in Cyberpersons cyberpanel (CVE-2024-51378)
vulnerability in Cyberpersons cyberpanel (CVE-2024-51378). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-45727 KEV [KEV] XXE (XML External Entity) in North grid north-grid (CVE-2023-45727)
vulnerability in North grid north-grid (CVE-2023-45727). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-11667 KEV [KEV] Path Traversal in Zyxel multiple-firewalls (CVE-2024-11667)
path traversal in Zyxel multiple-firewalls (CVE-2024-11667). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-11680 KEV [KEV] Authentication Bypass in projectsend (CVE-2024-11680)
authentication bypass in projectsend (CVE-2024-11680). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-53364 SQL Injection in sqli (CVE-2024-53364)
SQL injection in sqli (CVE-2024-53364). Risk of unauthorized operations or information disclosure.
CVE-2024-53124 Vulnerability in c (CVE-2024-53124)
vulnerability in c (CVE-2024-53124). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →