10

CVSS3.1

CVE-2024-32651 - Server Side Template Injection in Jinja2 allows Remote Command Execution

changedetection.io is an open source web page change detection, website watcher, restock monitor and notification service. There is a Server Side Template Injection (SSTI) in Jinja2 that allows Remote Command Execution on the server host. Attackers can run any system command without any restrictionโ€ฆ

๐Ÿ“… Published: April 25, 2024, 11:49 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

10

CVSS3.1

CVE-2024-0916 - Unauthenticated Remote Code Execution in UvDesk Community

Unauthenticatedย file upload allows remote code execution. This issue affects UvDesk Community: from 1.0.0 through 1.1.3.

๐Ÿ“… Published: April 25, 2024, 11:02 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

4.7

CVSS3.1

CVE-2024-3265 - WP Advanced Search <= 1.1.6 - Admin+ SQL Injection

The Advanced Search WordPress plugin through 1.1.6 does not properly escape parameters appended to an SQL query, making it possible for users with the administrator role to conduct SQL Injection attacks in the context of a multisite WordPress configurations.

๐Ÿ“… Published: April 25, 2024, 9:25 p.m. ๐Ÿ”„ Last Modified: May 8, 2025, 7:14 p.m.

9.1

CVSS3.1

CVE-2022-36029 - BigBlueButton Greenlight Open Redirect vulnerability

Greenlight is an end-user interface for BigBlueButton servers. Versions prior to 2.13.0 have an open redirect vulnerability in the Login page due to unchecked the value of the `return_to` cookie. Versions 2.13.0 contains a patch for the issue.

๐Ÿ“… Published: April 25, 2024, 8:42 p.m. ๐Ÿ”„ Last Modified: April 24, 2025, 1:46 p.m.

9.1

CVSS3.1

CVE-2022-36028 - BigBlueButton Greenlight Open Redirect vulnerability

Greenlight is an end-user interface for BigBlueButton servers. Versions prior to 2.13.0 have an open redirect vulnerability in the Login page due to unchecked the value of the `return_to` cookie. Versions 2.13.0 contains a patch for the issue.

๐Ÿ“… Published: April 25, 2024, 8:36 p.m. ๐Ÿ”„ Last Modified: April 24, 2025, 1:45 p.m.

5.3

CVSS3.1

CVE-2024-32649 - vyper performs double eval of the argument of sqrt

Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the `sqrt` builtin can result in double eval vulnerability when the argument has side-effects. It can be seen that the `build_IR` function of the `sqrt` builtin doesn't cache the argumeโ€ฆ

๐Ÿ“… Published: April 25, 2024, 5:53 p.m. ๐Ÿ”„ Last Modified: Jan. 2, 2025, 10:39 p.m.

5.3

CVSS3.1

CVE-2024-32648 - vyper default functions don't respect nonreentrancy keys

Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Prior to version 0.3.0, default functions don't respect nonreentrancy keys and the lock isn't emitted. No vulnerable production contracts were found. Additionally, using a lock on a `default` function is a very sparsely uโ€ฆ

๐Ÿ“… Published: April 25, 2024, 5:48 p.m. ๐Ÿ”„ Last Modified: Jan. 2, 2025, 10:43 p.m.

5.3

CVSS3.1

CVE-2024-32647 - vyper performs double eval of raw_args in create_from_blueprint

Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the `create_from_blueprint` builtin can result in a double eval vulnerability when `raw_args=True` and the `args` argument has side-effects. It can be seen that the `_build_create_IR` fโ€ฆ

๐Ÿ“… Published: April 25, 2024, 5:41 p.m. ๐Ÿ”„ Last Modified: Jan. 2, 2025, 10:46 p.m.

5.3

CVSS3.1

CVE-2024-32646 - vyper performs double eval of the slice args when buffer from adhoc locations

Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the `slice` builtin can result in a double eval vulnerability when the buffer argument is either `msg.data`, `self.code` or `<address>.code` and either the `start` or `length` argumentsโ€ฆ

๐Ÿ“… Published: April 25, 2024, 5:21 p.m. ๐Ÿ”„ Last Modified: Jan. 2, 2025, 10:52 p.m.

0.0

CVE-2024-4206 -

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

๐Ÿ“… Published: April 25, 2024, 5:19 p.m. ๐Ÿ”„ Last Modified: June 11, 2024, 10:15 a.m.
Total resulsts: 349182
Page 10165 of 34,919
ยซ previous page ยป next page
Filters