Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: products Clear
ID Title
CVE-2024-4671 KEV [KEV] Use-After-Free in Google chromium (CVE-2024-4671)
vulnerability in Google chromium (CVE-2024-4671). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-7028 KEV [KEV] Vulnerability in gitlab (CVE-2023-7028)
vulnerability in gitlab (CVE-2023-7028). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-33270 Out-of-Bounds Read in CVE-2024-33270 (CVE-2024-33270)
vulnerability in CVE-2024-33270 (CVE-2024-33270). Confidential information can be exposed externally. Mitigation: upgrade to `2.0.4` or later.
CVE-2024-29988 KEV [KEV] Vulnerability in Microsoft smartscreen-prompt (CVE-2024-29988)
vulnerability in Microsoft smartscreen-prompt (CVE-2024-29988). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-4040 KEV [KEV] Vulnerability in crushftp (CVE-2024-4040)
vulnerability in crushftp (CVE-2024-4040). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-20359 KEV [KEV] Code Injection in Cisco adaptive-security-appliance-asa-and-firepower-threat-defense-ftd (CVE-2024-20359)
code injection in Cisco adaptive-security-appliance-asa-and-firepower-threat-defense-ftd (CVE-2024-20359). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-20353 KEV [KEV] Vulnerability in Cisco adaptive-security-appliance-asa-and-firepower-threat-defense-ftd (CVE-2024-20353)
vulnerability in Cisco adaptive-security-appliance-asa-and-firepower-threat-defense-ftd (CVE-2024-20353). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-38028 KEV [KEV] Vulnerability in Microsoft windows (CVE-2022-38028)
vulnerability in Microsoft windows (CVE-2022-38028). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-32206 Cross-Site Scripting (XSS) in wuzhicms (CVE-2024-32206)
cross-site scripting in wuzhicms (CVE-2024-32206). Risk of unauthorized operations or information disclosure.
CVE-2024-3400 KEV [KEV] Vulnerability in Palo alto networks palo-alto-networks (CVE-2024-3400)
vulnerability in Palo alto networks palo-alto-networks (CVE-2024-3400). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-51141 Vulnerability in zkteco (CVE-2023-51141)
vulnerability in zkteco (CVE-2023-51141). Confidential information can be exposed externally.
CVE-2023-51142 Information Disclosure in zkteco (CVE-2023-51142)
vulnerability in zkteco (CVE-2023-51142). Confidential information can be exposed externally.
CVE-2024-3273 KEV [KEV] Command Injection in D-link multiple-nas-devices (CVE-2024-3273)
command injection in D-link multiple-nas-devices (CVE-2024-3273). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-3272 KEV [KEV] Vulnerability in D-link multiple-nas-devices (CVE-2024-3272)
vulnerability in D-link multiple-nas-devices (CVE-2024-3272). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-3566 Command Injection in node (CVE-2024-3566)
command injection in node (CVE-2024-3566). Successful exploitation can lead to full system takeover. Exploitable via ``cmd.exe``. Mitigation: upgrade to `18.19.0` or later.
CVE-2024-29748 KEV [KEV] Vulnerability in Android pixel (CVE-2024-29748)
vulnerability in Android pixel (CVE-2024-29748). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-29745 KEV [KEV] Vulnerability in Android pixel (CVE-2024-29745)
vulnerability in Android pixel (CVE-2024-29745). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-28085 Vulnerability in kernel (CVE-2024-28085)
vulnerability in kernel (CVE-2024-28085). Risk of unauthorized operations or information disclosure.
CVE-2023-24955 KEV [KEV] Code Injection in Microsoft sharepoint-server (CVE-2023-24955)
code injection in Microsoft sharepoint-server (CVE-2023-24955). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-48788 KEV [KEV] SQL Injection in Fortinet forticlient-ems (CVE-2023-48788)
SQL injection in Fortinet forticlient-ems (CVE-2023-48788). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-7256 KEV [KEV] OS Command Injection in Nice linear-emerge-e3-series (CVE-2019-7256)
OS command injection in Nice linear-emerge-e3-series (CVE-2019-7256). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-44529 KEV [KEV] Code Injection in Ivanti endpoint-manager-cloud-service-appliance-epm-csa (CVE-2021-44529)
code injection in Ivanti endpoint-manager-cloud-service-appliance-epm-csa (CVE-2021-44529). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-29858 Vulnerability in misp-project (CVE-2024-29858)
vulnerability in misp-project (CVE-2024-29858). Successful exploitation can lead to full system takeover.
CVE-2024-29859 Unrestricted File Upload in misp-project (CVE-2024-29859)
vulnerability in misp-project (CVE-2024-29859). Successful exploitation can lead to full system takeover.
CVE-2024-24520 Code Injection in lepton-cms (CVE-2024-24520)
code injection in lepton-cms (CVE-2024-24520). Successful exploitation can lead to full system takeover.
CVE-2023-42789 Out-of-Bounds Write in fortinet (CVE-2023-42789)
out-of-bounds write in fortinet (CVE-2023-42789). Successful exploitation can lead to full system takeover.
CVE-2023-42790 Vulnerability in fortinet (CVE-2023-42790)
vulnerability in fortinet (CVE-2023-42790). Successful exploitation can lead to full system takeover.
CVE-2024-27198 KEV [KEV] Vulnerability in Jetbrains teamcity (CVE-2024-27198)
vulnerability in Jetbrains teamcity (CVE-2024-27198). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-23225 KEV [KEV] Out-of-Bounds Write in Apple multiple-products (CVE-2024-23225)
out-of-bounds write in Apple multiple-products (CVE-2024-23225). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-23296 KEV [KEV] Out-of-Bounds Write in Apple multiple-products (CVE-2024-23296)
out-of-bounds write in Apple multiple-products (CVE-2024-23296). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-21237 KEV [KEV] Information Disclosure in Android pixel (CVE-2023-21237)
vulnerability in Android pixel (CVE-2023-21237). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-36380 KEV [KEV] OS Command Injection in Sunhillo sureline (CVE-2021-36380)
OS command injection in Sunhillo sureline (CVE-2021-36380). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-21338 KEV [KEV] Vulnerability in Microsoft windows (CVE-2024-21338)
vulnerability in Microsoft windows (CVE-2024-21338). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-29360 KEV [KEV] Vulnerability in Microsoft streaming-service (CVE-2023-29360)
vulnerability in Microsoft streaming-service (CVE-2023-29360). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-22983 SQL Injection in sqli (CVE-2024-22983)
SQL injection in sqli (CVE-2024-22983). Confidential information can be exposed externally.
CVE-2024-1709 KEV [KEV] Vulnerability in Connectwise screenconnect (CVE-2024-1709)
vulnerability in Connectwise screenconnect (CVE-2024-1709). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-21410 KEV [KEV] Authentication Bypass in Microsoft exchange-server (CVE-2024-21410)
authentication bypass in Microsoft exchange-server (CVE-2024-21410). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-3259 KEV [KEV] Information Disclosure in Cisco adaptive-security-appliance-asa-and-firepower-threat-defense-ftd (CVE-2020-3259)
vulnerability in Cisco adaptive-security-appliance-asa-and-firepower-threat-defense-ftd (CVE-2020-3259). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-20673 Microsoft Office Remote Code Execution Vulnerability
Microsoft Office Remote Code Execution Vulnerability
CVE-2024-21412 KEV [KEV] Vulnerability in Microsoft windows (CVE-2024-21412)
vulnerability in Microsoft windows (CVE-2024-21412). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-21351 KEV [KEV] Code Injection in Microsoft windows (CVE-2024-21351)
code injection in Microsoft windows (CVE-2024-21351). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-43770 KEV [KEV] Cross-Site Scripting (XSS) in Roundcube webmail (CVE-2023-43770)
cross-site scripting in Roundcube webmail (CVE-2023-43770). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-25675 Vulnerability in misp-project (CVE-2024-25675)
vulnerability in misp-project (CVE-2024-25675). Successful exploitation can lead to full system takeover.
CVE-2024-21762 KEV [KEV] Out-of-Bounds Write in Fortinet fortios (CVE-2024-21762)
out-of-bounds write in Fortinet fortios (CVE-2024-21762). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-4762 KEV [KEV] Vulnerability in Google chromium-v8 (CVE-2023-4762)
vulnerability in Google chromium-v8 (CVE-2023-4762). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-48618 KEV [KEV] Vulnerability in Apple multiple-products (CVE-2022-48618)
vulnerability in Apple multiple-products (CVE-2022-48618). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-21893 KEV [KEV] SSRF (Server-Side Request Forgery) in Ivanti connect-secure (CVE-2024-21893)
SSRF in Ivanti connect-secure (CVE-2024-21893). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-0727 Vulnerability in cryptography (CVE-2024-0727)
vulnerability in cryptography (CVE-2024-0727). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `42.0.2` or later.
CVE-2024-22922 Privilege Escalation in projectworlds (CVE-2024-22922)
vulnerability in projectworlds (CVE-2024-22922). Successful exploitation can lead to full system takeover.
CVE-2023-51702 Vulnerability in apache (CVE-2023-51702)
vulnerability in apache (CVE-2023-51702). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →