Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2024-43047 KEV |
|
[KEV] Use-After-Free in Qualcomm multiple-chipsets (CVE-2024-43047)
vulnerability in Qualcomm multiple-chipsets (CVE-2024-43047). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-6400 |
|
Vulnerability in finrota (CVE-2024-6400)
vulnerability in finrota (CVE-2024-6400). Confidential information can be exposed externally.
|
| CVE-2023-37822 |
|
Vulnerability in eufy (CVE-2023-37822)
vulnerability in eufy (CVE-2023-37822). Confidential information can be exposed externally.
|
| CVE-2024-45519 KEV |
|
[KEV] Vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2024-45519)
vulnerability in Synacor zimbra-collaboration-suite-zcs (CVE-2024-45519). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-29824 KEV |
|
[KEV] SQL Injection in Ivanti endpoint-manager-epm (CVE-2024-29824)
SQL injection in Ivanti endpoint-manager-epm (CVE-2024-29824). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-46084 |
|
Command Injection in scriptcase (CVE-2024-46084)
command injection in scriptcase (CVE-2024-46084). Successful exploitation can lead to full system takeover.
|
| CVE-2019-0344 KEV |
|
[KEV] Unsafe Deserialization in Sap commerce-cloud (CVE-2019-0344)
vulnerability in Sap commerce-cloud (CVE-2019-0344). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-15415 KEV |
|
[KEV] OS Command Injection in Draytek multiple-vigor-routers (CVE-2020-15415)
OS command injection in Draytek multiple-vigor-routers (CVE-2020-15415). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-25280 KEV |
|
[KEV] OS Command Injection in D-link dir-820-router (CVE-2023-25280)
OS command injection in D-link dir-820-router (CVE-2023-25280). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-46854 |
|
Vulnerability in linux (CVE-2024-46854)
vulnerability in linux (CVE-2024-46854). Confidential information can be exposed externally.
|
| CVE-2024-46865 |
|
Vulnerability in linux (CVE-2024-46865)
vulnerability in linux (CVE-2024-46865). Confidential information can be exposed externally.
|
| CVE-2024-8644 |
|
Vulnerability in oceanicsoft (CVE-2024-8644)
vulnerability in oceanicsoft (CVE-2024-8644). Confidential information can be exposed externally.
|
| CVE-2024-8609 |
|
Vulnerability in oceanicsoft (CVE-2024-8609)
vulnerability in oceanicsoft (CVE-2024-8609). Confidential information can be exposed externally.
|
| CVE-2024-7107 |
|
Vulnerability in nationalkeep (CVE-2024-7107)
vulnerability in nationalkeep (CVE-2024-7107). Confidential information can be exposed externally.
|
| CVE-2024-46607 |
|
Vulnerability in thecosy (CVE-2024-46607)
vulnerability in thecosy (CVE-2024-46607). Confidential information can be exposed externally.
|
| CVE-2024-8963 KEV |
|
[KEV] Path Traversal in Ivanti cloud-services-appliance-csa (CVE-2024-8963)
path traversal in Ivanti cloud-services-appliance-csa (CVE-2024-8963). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-5958 |
|
SQL Injection in sqli (CVE-2024-5958)
SQL injection in sqli (CVE-2024-5958). Successful exploitation can lead to full system takeover.
|
| CVE-2024-46759 |
|
Vulnerability in linux (CVE-2024-46759)
vulnerability in linux (CVE-2024-46759). Successful exploitation can lead to full system takeover.
|
| CVE-2024-46744 |
|
Vulnerability in linux (CVE-2024-46744)
vulnerability in linux (CVE-2024-46744). Successful exploitation can lead to full system takeover.
|
| CVE-2024-46743 |
|
Out-of-Bounds Read in linux (CVE-2024-46743)
vulnerability in linux (CVE-2024-46743). Confidential information can be exposed externally.
|
| CVE-2020-14644 KEV |
|
[KEV] Vulnerability in Oracle weblogic-server (CVE-2020-14644)
vulnerability in Oracle weblogic-server (CVE-2020-14644). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-21445 KEV |
|
[KEV] Unsafe Deserialization in Oracle adf-faces (CVE-2022-21445)
vulnerability in Oracle adf-faces (CVE-2022-21445). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-0618 KEV |
|
[KEV] Unsafe Deserialization in Microsoft sql-server (CVE-2020-0618)
vulnerability in Microsoft sql-server (CVE-2020-0618). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-27348 KEV |
|
[KEV] Vulnerability in Apache hugegraph-server (CVE-2024-27348)
vulnerability in Apache hugegraph-server (CVE-2024-27348). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2014-0502 KEV |
|
[KEV] Vulnerability in Adobe flash-player (CVE-2014-0502)
vulnerability in Adobe flash-player (CVE-2014-0502). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-0648 KEV |
|
[KEV] Vulnerability in Adobe flash-player (CVE-2013-0648)
vulnerability in Adobe flash-player (CVE-2013-0648). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-0643 KEV |
|
[KEV] Vulnerability in Adobe flash-player (CVE-2013-0643)
vulnerability in Adobe flash-player (CVE-2013-0643). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2014-0497 KEV |
|
[KEV] Vulnerability in Adobe flash-player (CVE-2014-0497)
vulnerability in Adobe flash-player (CVE-2014-0497). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-6670 KEV |
|
[KEV] SQL Injection in Progress whatsup-gold (CVE-2024-6670)
SQL injection in Progress whatsup-gold (CVE-2024-6670). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-43461 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2024-43461)
vulnerability in Microsoft windows (CVE-2024-43461). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-8190 KEV |
|
[KEV] OS Command Injection in Ivanti cloud-services-appliance (CVE-2024-8190)
OS command injection in Ivanti cloud-services-appliance (CVE-2024-8190). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-34334 |
|
SQL Injection in sqli (CVE-2024-34334)
SQL injection in sqli (CVE-2024-34334). Confidential information can be exposed externally.
|
| CVE-2024-3305 |
|
Information Disclosure in utarit (CVE-2024-3305)
vulnerability in utarit (CVE-2024-3305). Confidential information can be exposed externally.
|
| CVE-2024-3306 |
|
Vulnerability in utarit (CVE-2024-3306)
vulnerability in utarit (CVE-2024-3306). Data can be tampered with by attackers.
|
| CVE-2024-44577 |
|
Command Injection in relyum (CVE-2024-44577)
command injection in relyum (CVE-2024-44577). Successful exploitation can lead to full system takeover.
|
| CVE-2024-44574 |
|
Command Injection in relyum (CVE-2024-44574)
command injection in relyum (CVE-2024-44574). Successful exploitation can lead to full system takeover.
|
| CVE-2024-44572 |
|
Command Injection in relyum (CVE-2024-44572)
command injection in relyum (CVE-2024-44572). Successful exploitation can lead to full system takeover.
|
| CVE-2024-44571 |
|
Vulnerability in relyum (CVE-2024-44571)
vulnerability in relyum (CVE-2024-44571). Successful exploitation can lead to full system takeover.
|
| CVE-2024-44570 |
|
Command Injection in relyum (CVE-2024-44570)
command injection in relyum (CVE-2024-44570). Successful exploitation can lead to full system takeover.
|
| CVE-2024-7609 |
|
Path Traversal in path-traversal (CVE-2024-7609)
path traversal in path-traversal (CVE-2024-7609). Confidential information can be exposed externally.
|
| CVE-2024-44667 |
|
Authorization Flaw in CVE-2024-44667 (CVE-2024-44667)
vulnerability in CVE-2024-44667 (CVE-2024-44667). Successful exploitation can lead to full system takeover.
|
| CVE-2024-43455 |
|
Windows Remote Desktop Licensing Service Spoofing Vulnerability
Windows Remote Desktop Licensing Service Spoofing Vulnerability
|
| CVE-2024-38250 |
|
Windows Graphics Component Elevation of Privilege Vulnerability
Windows Graphics Component Elevation of Privilege Vulnerability
|
| CVE-2024-38217 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2024-38217)
vulnerability in Microsoft windows (CVE-2024-38217). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-38014 KEV |
|
[KEV] Privilege Escalation in Microsoft windows (CVE-2024-38014)
vulnerability in Microsoft windows (CVE-2024-38014). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-38226 KEV |
|
[KEV] Vulnerability in Microsoft publisher (CVE-2024-38226)
vulnerability in Microsoft publisher (CVE-2024-38226). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-40766 KEV |
|
[KEV] Vulnerability in Sonicwall sonicos (CVE-2024-40766)
vulnerability in Sonicwall sonicos (CVE-2024-40766). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-1000253 KEV |
|
[KEV] Buffer Overflow in Linux kernel (CVE-2017-1000253)
vulnerability in Linux kernel (CVE-2017-1000253). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-3714 KEV |
|
[KEV] Vulnerability in imagemagick (CVE-2016-3714)
vulnerability in imagemagick (CVE-2016-3714). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-6445 |
|
Path Traversal in path-traversal (CVE-2024-6445)
path traversal in path-traversal (CVE-2024-6445). Confidential information can be exposed externally.
|