Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2023-48365 KEV |
|
[KEV] Vulnerability in Qlik sense (CVE-2023-48365)
vulnerability in Qlik sense (CVE-2023-48365). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-12686 KEV |
|
[KEV] OS Command Injection in Beyondtrust privileged-remote-access-pra-and-remote-support-rs (CVE-2024-12686)
OS command injection in Beyondtrust privileged-remote-access-pra-and-remote-support-rs (CVE-2024-12686). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-54996 |
|
Cross-Site Scripting (XSS) in monicahq (CVE-2024-54996)
cross-site scripting in monicahq (CVE-2024-54996). Successful exploitation can lead to full system takeover.
|
| CVE-2024-54887 |
|
Vulnerability in tp-link (CVE-2024-54887)
vulnerability in tp-link (CVE-2024-54887). Successful exploitation can lead to full system takeover.
|
| CVE-2025-0306 |
|
Vulnerability in CVE-2025-0306 (CVE-2025-0306)
vulnerability in CVE-2025-0306 (CVE-2025-0306). Confidential information can be exposed externally.
|
| CVE-2025-0282 KEV |
|
[KEV] Vulnerability in Ivanti connect-secure (CVE-2025-0282)
vulnerability in Ivanti connect-secure (CVE-2025-0282). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-53522 |
|
Vulnerability in CVE-2024-53522 (CVE-2024-53522)
vulnerability in CVE-2024-53522 (CVE-2024-53522). Confidential information can be exposed externally.
|
| CVE-2024-55008 |
|
Vulnerability in dos (CVE-2024-55008)
vulnerability in dos (CVE-2024-55008). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-53345 |
|
Unrestricted File Upload in CVE-2024-53345 (CVE-2024-53345)
vulnerability in CVE-2024-53345 (CVE-2024-53345). Successful exploitation can lead to full system takeover.
|
| CVE-2024-48245 |
|
SQL Injection in sqli (CVE-2024-48245)
SQL injection in sqli (CVE-2024-48245). Successful exploitation can lead to full system takeover.
|
| CVE-2024-46242 |
|
Vulnerability in dos (CVE-2024-46242)
vulnerability in dos (CVE-2024-46242). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-2883 KEV |
|
[KEV] Vulnerability in Oracle weblogic-server (CVE-2020-2883)
vulnerability in Oracle weblogic-server (CVE-2020-2883). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-55550 KEV |
|
[KEV] Path Traversal in Mitel micollab (CVE-2024-55550)
path traversal in Mitel micollab (CVE-2024-55550). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-41713 KEV |
|
[KEV] Path Traversal in Mitel micollab (CVE-2024-41713)
path traversal in Mitel micollab (CVE-2024-41713). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-55407 |
|
Vulnerability in CVE-2024-55407 (CVE-2024-55407)
vulnerability in CVE-2024-55407 (CVE-2024-55407). Successful exploitation can lead to full system takeover.
|
| CVE-2024-45497 |
|
Vulnerability in dos (CVE-2024-45497)
vulnerability in dos (CVE-2024-45497). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-3393 KEV |
|
[KEV] Vulnerability in Palo alto networks palo-alto-networks (CVE-2024-3393)
vulnerability in Palo alto networks palo-alto-networks (CVE-2024-3393). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-56732 |
|
Vulnerability in harfbuzz-project (CVE-2024-56732)
vulnerability in harfbuzz-project (CVE-2024-56732). Successful exploitation can lead to full system takeover.
|
| CVE-2024-56672 |
|
Use-After-Free in linux (CVE-2024-56672)
vulnerability in linux (CVE-2024-56672). Successful exploitation can lead to full system takeover.
|
| CVE-2024-56631 |
|
Use-After-Free in c (CVE-2024-56631)
vulnerability in c (CVE-2024-56631). Successful exploitation can lead to full system takeover.
|
| CVE-2024-53213 |
|
Vulnerability in linux (CVE-2024-53213)
vulnerability in linux (CVE-2024-53213). Successful exploitation can lead to full system takeover. Exploitable via ``buf``.
|
| CVE-2024-53166 |
|
Use-After-Free in linux (CVE-2024-53166)
vulnerability in linux (CVE-2024-53166). Successful exploitation can lead to full system takeover.
|
| CVE-2024-12582 |
|
Vulnerability in dos (CVE-2024-12582)
vulnerability in dos (CVE-2024-12582). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-44207 KEV |
|
[KEV] Vulnerability in Acclaim systems acclaim-systems (CVE-2021-44207)
vulnerability in Acclaim systems acclaim-systems (CVE-2021-44207). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-12356 KEV |
|
[KEV] Command Injection in Beyondtrust privileged-remote-access-pra-and-remote-support-rs (CVE-2024-12356)
command injection in Beyondtrust privileged-remote-access-pra-and-remote-support-rs (CVE-2024-12356). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-40407 KEV |
|
[KEV] OS Command Injection in Reolink rlc-410w-ip-camera (CVE-2021-40407)
OS command injection in Reolink rlc-410w-ip-camera (CVE-2021-40407). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-11001 KEV |
|
[KEV] OS Command Injection in Reolink multiple-ip-cameras (CVE-2019-11001)
OS command injection in Reolink multiple-ip-cameras (CVE-2019-11001). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-23227 KEV |
|
[KEV] Vulnerability in Nuuo nvrmini2-devices (CVE-2022-23227)
vulnerability in Nuuo nvrmini2-devices (CVE-2022-23227). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-14933 KEV |
|
[KEV] OS Command Injection in Nuuo nvrmini-devices (CVE-2018-14933)
OS command injection in Nuuo nvrmini-devices (CVE-2018-14933). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-55956 KEV |
|
[KEV] Vulnerability in Cleo multiple-products (CVE-2024-55956)
vulnerability in Cleo multiple-products (CVE-2024-55956). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-37775 |
|
Authorization Flaw in sunbirddcim (CVE-2024-37775)
vulnerability in sunbirddcim (CVE-2024-37775). Data can be tampered with by attackers.
|
| CVE-2024-37774 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2024-37774)
vulnerability in csrf (CVE-2024-37774). Successful exploitation can lead to full system takeover.
|
| CVE-2024-35250 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2024-35250)
vulnerability in Microsoft windows (CVE-2024-35250). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-20767 KEV |
|
[KEV] Vulnerability in Adobe coldfusion (CVE-2024-20767)
vulnerability in Adobe coldfusion (CVE-2024-20767). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-50623 KEV |
|
[KEV] Unrestricted File Upload in Cleo multiple-products (CVE-2024-50623)
vulnerability in Cleo multiple-products (CVE-2024-50623). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-54508 |
|
Out-of-Bounds Read in apple (CVE-2024-54508)
vulnerability in apple (CVE-2024-54508). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-49138 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2024-49138)
vulnerability in Microsoft windows (CVE-2024-49138). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-40582 |
|
Pentaminds CuroVMS v2.0.1 was discovered to contain exposed sensitive information.
Pentaminds CuroVMS v2.0.1 was discovered to contain exposed sensitive information.
|
| CVE-2024-54216 |
|
Vulnerability in path-traversal (CVE-2024-54216)
vulnerability in path-traversal (CVE-2024-54216). Confidential information can be exposed externally.
|
| CVE-2024-51378 KEV |
|
[KEV] Vulnerability in Cyberpersons cyberpanel (CVE-2024-51378)
vulnerability in Cyberpersons cyberpanel (CVE-2024-51378). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-11667 KEV |
|
[KEV] Path Traversal in Zyxel multiple-firewalls (CVE-2024-11667)
path traversal in Zyxel multiple-firewalls (CVE-2024-11667). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-11680 KEV |
|
[KEV] Authentication Bypass in projectsend (CVE-2024-11680)
authentication bypass in projectsend (CVE-2024-11680). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-45727 KEV |
|
[KEV] XXE (XML External Entity) in North grid north-grid (CVE-2023-45727)
vulnerability in North grid north-grid (CVE-2023-45727). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-52336 |
|
Privilege Escalation in privilege-escalation (CVE-2024-52336)
vulnerability in privilege-escalation (CVE-2024-52336). Successful exploitation can lead to full system takeover. Exploitable via ``script_pre``.
|
| CVE-2023-28461 KEV |
|
[KEV] Vulnerability in Array networks array-networks (CVE-2023-28461)
vulnerability in Array networks array-networks (CVE-2023-28461). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-7837 |
|
SQL Injection in sqli (CVE-2024-7837)
SQL injection in sqli (CVE-2024-7837). Confidential information can be exposed externally.
|
| CVE-2024-51364 |
|
Unrestricted File Upload in CVE-2024-51364 (CVE-2024-51364)
vulnerability in CVE-2024-51364 (CVE-2024-51364). Successful exploitation can lead to full system takeover.
|
| CVE-2024-7026 |
|
SQL Injection in sqli (CVE-2024-7026)
SQL injection in sqli (CVE-2024-7026). Confidential information can be exposed externally.
|
| CVE-2024-21287 KEV |
|
[KEV] Authorization Flaw in Oracle agile-product-lifecycle-management-plm (CVE-2024-21287)
vulnerability in Oracle agile-product-lifecycle-management-plm (CVE-2024-21287). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-44309 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Apple multiple-products (CVE-2024-44309)
cross-site scripting in Apple multiple-products (CVE-2024-44309). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|