6.2

CVSS3.1

CVE-2024-33255 -

Jerryscript commit cefd391 was discovered to contain an Assertion Failure via ECMA_STRING_IS_REF_EQUALS_TO_ONE (string_p) in ecma_free_string_list.

๐Ÿ“… Published: April 26, 2024, midnight ๐Ÿ”„ Last Modified: Sept. 22, 2025, 1:57 p.m.

4.3

CVSS3.1

CVE-2024-32046 - Detailed error discloses full file path with dev mode off

Mattermost versions 9.6.x <= 9.6.0, 9.5.x <= 9.5.2, 9.4.x <= 9.4.4 and 8.1.x <= 8.1.11 fail to remove detailed error messages in API requests even if the developer mode is off which allows an attacker to get information about the server such as the full path were files are stored

๐Ÿ“… Published: April 26, 2024, midnight ๐Ÿ”„ Last Modified: May 12, 2025, 1:39 p.m.

7.8

CVSS3.1

CVE-2024-33673 -

An issue was discovered in Veritas Backup Exec before 22.2 HotFix 917391. Improper access controls allow for DLL Hijacking in the Windows DLL Search path.

๐Ÿ“… Published: April 26, 2024, midnight ๐Ÿ”„ Last Modified: June 30, 2025, 2:22 p.m.

6.1

CVSS3.1

CVE-2024-33669 -

An issue was discovered in Passbolt Browser Extension before 4.6.2. It can send multiple requests to HaveIBeenPwned while a password is being typed, which results in an information leak. This allows an attacker capable of observing Passbolt's HTTPS queries to the Pwned Password API to more easily bโ€ฆ

๐Ÿ“… Published: April 26, 2024, midnight ๐Ÿ”„ Last Modified: June 18, 2025, 7:26 p.m.

5.1

CVSS3.1

CVE-2024-33260 -

Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component parser_parse_class at jerry-core/parser/js/js-parser-expr.c

๐Ÿ“… Published: April 26, 2024, midnight ๐Ÿ”„ Last Modified: Sept. 22, 2025, 1:50 p.m.

6.1

CVSS3.1

CVE-2024-31741 -

Cross Site Scripting vulnerability in MiniCMS v.1.11 allows a remote attacker to run arbitrary code via crafted string in the URL after login.

๐Ÿ“… Published: April 26, 2024, midnight ๐Ÿ”„ Last Modified: April 18, 2025, 6:42 p.m.

6.1

CVSS3.1

CVE-2024-31828 -

Cross Site Scripting vulnerability in Lavalite CMS v.10.1.0 allows attackers to execute arbitrary code and obtain sensitive information via a crafted payload to the URL.

๐Ÿ“… Published: April 26, 2024, midnight ๐Ÿ”„ Last Modified: April 18, 2025, 6:43 p.m.

7.5

CVSS3.1

CVE-2024-31551 -

Directory Traversal vulnerability in lib/admin/image.admin.php in cmseasy v7.7.7.9 20240105 allows attackers to delete arbitrary files via crafted GET request.

๐Ÿ“… Published: April 26, 2024, midnight ๐Ÿ”„ Last Modified: April 14, 2025, 2:20 p.m.

9.1

CVSS3.1

CVE-2024-33668 -

An issue was discovered in Zammad before 6.3.0. The Zammad Upload Cache uses insecure, partially guessable FormIDs to identify content. An attacker could try to brute force them to upload malicious content to article drafts they have no access to.

๐Ÿ“… Published: April 26, 2024, midnight ๐Ÿ”„ Last Modified: April 15, 2025, 4:38 p.m.

8.8

CVSS3.1

CVE-2024-33343 -

D-Link DIR-822+ V1.0.5 was found to contain a command injection in ChgSambaUserSettings function of prog.cgi, which allows remote attackers to execute arbitrary commands via shell.

๐Ÿ“… Published: April 26, 2024, midnight ๐Ÿ”„ Last Modified: May 21, 2025, 12:51 p.m.
Total resulsts: 349182
Page 10161 of 34,919
ยซ previous page ยป next page
Filters