Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2024-26988 Out-of-Bounds Write in c (CVE-2024-26988)
out-of-bounds write in c (CVE-2024-26988). Successful exploitation can lead to full system takeover.
CVE-2024-26934 Vulnerability in c (CVE-2024-26934)
vulnerability in c (CVE-2024-26934). Successful exploitation can lead to full system takeover.
CVE-2024-26951 Use-After-Free in linux (CVE-2024-26951)
vulnerability in linux (CVE-2024-26951). Successful exploitation can lead to full system takeover.
CVE-2023-7028 KEV [KEV] Vulnerability in gitlab (CVE-2023-7028)
vulnerability in gitlab (CVE-2023-7028). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-33270 Out-of-Bounds Read in CVE-2024-33270 (CVE-2024-33270)
vulnerability in CVE-2024-33270 (CVE-2024-33270). Confidential information can be exposed externally. Mitigation: upgrade to `2.0.4` or later.
CVE-2024-29988 KEV [KEV] Vulnerability in Microsoft smartscreen-prompt (CVE-2024-29988)
vulnerability in Microsoft smartscreen-prompt (CVE-2024-29988). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-28327 Vulnerability in CVE-2024-28327 (CVE-2024-28327)
vulnerability in CVE-2024-28327 (CVE-2024-28327). Successful exploitation can lead to full system takeover.
CVE-2024-4040 KEV [KEV] Vulnerability in crushftp (CVE-2024-4040)
vulnerability in crushftp (CVE-2024-4040). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-20359 KEV [KEV] Code Injection in Cisco adaptive-security-appliance-asa-and-firepower-threat-defense-ftd (CVE-2024-20359)
code injection in Cisco adaptive-security-appliance-asa-and-firepower-threat-defense-ftd (CVE-2024-20359). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-20353 KEV [KEV] Vulnerability in Cisco adaptive-security-appliance-asa-and-firepower-threat-defense-ftd (CVE-2024-20353)
vulnerability in Cisco adaptive-security-appliance-asa-and-firepower-threat-defense-ftd (CVE-2024-20353). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-38028 KEV [KEV] Vulnerability in Microsoft windows (CVE-2022-38028)
vulnerability in Microsoft windows (CVE-2022-38028). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-28699 Code Injection in CVE-2024-28699 (CVE-2024-28699)
code injection in CVE-2024-28699 (CVE-2024-28699). Successful exploitation can lead to full system takeover.
CVE-2024-32409 An issue in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code via a crafted script.
An issue in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code via a crafted script.
CVE-2024-2961 Out-of-Bounds Write in c (CVE-2024-2961)
out-of-bounds write in c (CVE-2024-2961). Risk of unauthorized operations or information disclosure.
CVE-2024-26884 Buffer Overflow in linux (CVE-2024-26884)
vulnerability in linux (CVE-2024-26884). Successful exploitation can lead to full system takeover.
CVE-2024-26898 Use-After-Free in dos (CVE-2024-26898)
vulnerability in dos (CVE-2024-26898). Successful exploitation can lead to full system takeover. Exploitable via ``skbtxq``.
CVE-2024-26907 Use-After-Free in c (CVE-2024-26907)
vulnerability in c (CVE-2024-26907). Successful exploitation can lead to full system takeover.
CVE-2024-26882 Vulnerability in c (CVE-2024-26882)
vulnerability in c (CVE-2024-26882). Successful exploitation can lead to full system takeover.
CVE-2024-26885 Buffer Overflow in linux (CVE-2024-26885)
vulnerability in linux (CVE-2024-26885). Successful exploitation can lead to full system takeover.
CVE-2024-26883 Buffer Overflow in debian (CVE-2024-26883)
vulnerability in debian (CVE-2024-26883). Successful exploitation can lead to full system takeover.
CVE-2024-26895 Use-After-Free in csharp (CVE-2024-26895)
vulnerability in csharp (CVE-2024-26895). Successful exploitation can lead to full system takeover.
CVE-2024-26852 Use-After-Free in c (CVE-2024-26852)
vulnerability in c (CVE-2024-26852). Successful exploitation can lead to full system takeover.
CVE-2024-26872 Use-After-Free in linux (CVE-2024-26872)
vulnerability in linux (CVE-2024-26872). Successful exploitation can lead to full system takeover.
CVE-2024-3400 KEV [KEV] Vulnerability in Palo alto networks palo-alto-networks (CVE-2024-3400)
vulnerability in Palo alto networks palo-alto-networks (CVE-2024-3400). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-51142 Information Disclosure in zkteco (CVE-2023-51142)
vulnerability in zkteco (CVE-2023-51142). Confidential information can be exposed externally.
CVE-2024-3273 KEV [KEV] Command Injection in D-link multiple-nas-devices (CVE-2024-3273)
command injection in D-link multiple-nas-devices (CVE-2024-3273). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-3272 KEV [KEV] Vulnerability in D-link multiple-nas-devices (CVE-2024-3272)
vulnerability in D-link multiple-nas-devices (CVE-2024-3272). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-23077 Vulnerability in jfree (CVE-2024-23077)
vulnerability in jfree (CVE-2024-23077). Confidential information can be exposed externally.
CVE-2023-52070 Out-of-Bounds Read in jfree (CVE-2023-52070)
vulnerability in jfree (CVE-2023-52070). Successful exploitation can lead to full system takeover.
CVE-2024-23076 Vulnerability in jfree (CVE-2024-23076)
vulnerability in jfree (CVE-2024-23076). Risk of unauthorized operations or information disclosure.
CVE-2024-26257 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-23084 Vulnerability in mikkotommila (CVE-2024-23084)
vulnerability in mikkotommila (CVE-2024-23084). Risk of unauthorized operations or information disclosure.
CVE-2024-23085 Vulnerability in mikkotommila (CVE-2024-23085)
vulnerability in mikkotommila (CVE-2024-23085). Confidential information can be exposed externally.
CVE-2024-27620 SSRF (Server-Side Request Forgery) in CVE-2024-27620 (CVE-2024-27620)
SSRF in CVE-2024-27620 (CVE-2024-27620). Confidential information can be exposed externally.
CVE-2023-6523 Vulnerability in CVE-2023-6523 (CVE-2023-6523)
vulnerability in CVE-2023-6523 (CVE-2023-6523). Successful exploitation can lead to full system takeover.
CVE-2023-6522 Vulnerability in CVE-2023-6522 (CVE-2023-6522)
vulnerability in CVE-2023-6522 (CVE-2023-6522). Risk of unauthorized operations or information disclosure.
CVE-2024-29748 KEV [KEV] Vulnerability in Android pixel (CVE-2024-29748)
vulnerability in Android pixel (CVE-2024-29748). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-29745 KEV [KEV] Vulnerability in Android pixel (CVE-2024-29745)
vulnerability in Android pixel (CVE-2024-29745). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-29477 Code Injection in dolibarr (CVE-2024-29477)
code injection in dolibarr (CVE-2024-29477). Successful exploitation can lead to full system takeover.
CVE-2024-27619 Vulnerability in CVE-2024-27619 (CVE-2024-27619)
vulnerability in CVE-2024-27619 (CVE-2024-27619). Data can be tampered with by attackers.
CVE-2024-28960 An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory.
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory.
CVE-2024-28714 SQL Injection in sqli (CVE-2024-28714)
SQL injection in sqli (CVE-2024-28714). Confidential information can be exposed externally.
CVE-2023-51148 Vulnerability in trendnet (CVE-2023-51148)
vulnerability in trendnet (CVE-2023-51148). Successful exploitation can lead to full system takeover.
CVE-2023-24955 KEV [KEV] Code Injection in Microsoft sharepoint-server (CVE-2023-24955)
code injection in Microsoft sharepoint-server (CVE-2023-24955). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-7256 KEV [KEV] OS Command Injection in Nice linear-emerge-e3-series (CVE-2019-7256)
OS command injection in Nice linear-emerge-e3-series (CVE-2019-7256). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-44529 KEV [KEV] Code Injection in Ivanti endpoint-manager-cloud-service-appliance-epm-csa (CVE-2021-44529)
code injection in Ivanti endpoint-manager-cloud-service-appliance-epm-csa (CVE-2021-44529). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-48788 KEV [KEV] SQL Injection in Fortinet forticlient-ems (CVE-2023-48788)
SQL injection in Fortinet forticlient-ems (CVE-2023-48788). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-24520 Code Injection in lepton-cms (CVE-2024-24520)
code injection in lepton-cms (CVE-2024-24520). Successful exploitation can lead to full system takeover.
CVE-2024-28735 Authentication Bypass in unit4 (CVE-2024-28735)
authentication bypass in unit4 (CVE-2024-28735). Confidential information can be exposed externally.
CVE-2024-22257 Vulnerability in CVE-2024-22257 (CVE-2024-22257)
vulnerability in CVE-2024-22257 (CVE-2024-22257). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →