5.3

CVSS3.1

CVE-2024-32645 - vyper performs incorrect topic logging in raw_log

Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, incorrect values can be logged when `raw_log` builtin is called with memory or storage arguments to be used as topics. A contract search was performed and no vulnerable contracts were found i…

πŸ“… Published: April 25, 2024, 5:18 p.m. πŸ”„ Last Modified: Jan. 2, 2025, 10:52 p.m.

5.3

CVSS3.1

CVE-2024-32481 - vyper's range(start, start + N) reverts for negative numbers

Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Starting in version 0.3.8 and prior to version 0.4.0b1, when looping over a `range` of the form `range(start, start + N)`, if `start` is negative, the execution will always revert. This issue is caused by an incorrect ass…

πŸ“… Published: April 25, 2024, 5 p.m. πŸ”„ Last Modified: May 5, 2025, 5:31 p.m.

5.7

CVSS3.1

CVE-2024-32467 - Meteraphsere vulnerable to unauthorized viewing by workspace members

MeterSphere is an open source continuous testing platform. Prior to version 2.10.14-lts, members without space permissions can view member information from other workspaces beyond their authority. Version 2.10.14-lts fixes this issue.

πŸ“… Published: April 25, 2024, 4:56 p.m. πŸ”„ Last Modified: Sept. 4, 2025, 2:48 p.m.

7.3

CVSS3.1

CVE-2024-28241 - GlPI-Agent MSI package installation doesn't update folder security profile when using non default i…

The GLPI Agent is a generic management agent. Prior to version 1.7.2, a local user can modify GLPI-Agent code or used DLLs to modify agent logic and even gain higher privileges. Users should upgrade to GLPI-Agent 1.7.2 to receive a patch. As a workaround, use the default installation folder which i…

πŸ“… Published: April 25, 2024, 4:44 p.m. πŸ”„ Last Modified: Jan. 22, 2025, 8:12 p.m.

7.3

CVSS3.1

CVE-2024-28240 - GLPI-Agent's MSI package installation permits local users to change Agent configuration

The GLPI Agent is a generic management agent. A vulnerability that only affects GLPI-Agent installed on windows via MSI packaging can allow a local user to cause denial of agent service by replacing GLPI server url with a wrong url or disabling the service. Additionally, in the case the Deploy task…

πŸ“… Published: April 25, 2024, 4:37 p.m. πŸ”„ Last Modified: Jan. 22, 2025, 8:17 p.m.

6.8

CVSS3.1

CVE-2024-25624 - iris-web vulnerable to Server Side Template Injection in reports

Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. Due to an improper setup of Jinja2 environment, reports generation in `iris-web` is prone to a Server Side Template Injection (SSTI). Successful exploitation of the vulnerability…

πŸ“… Published: April 25, 2024, 4:30 p.m. πŸ”„ Last Modified: Dec. 10, 2024, 3:06 p.m.

5.4

CVSS3.1

CVE-2024-33592 - WordPress Radio Player plugin <= 2.0.73 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73.

πŸ“… Published: April 25, 2024, 2:52 p.m. πŸ”„ Last Modified: April 28, 2026, 4:09 p.m.

7.7

CVSS3.1

CVE-2024-22391 -

A heap-based buffer overflow vulnerability exists in the LookupTable::SetLUT functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.

πŸ“… Published: April 25, 2024, 2:33 p.m. πŸ”„ Last Modified: Dec. 16, 2025, 7:17 p.m.

8.1

CVSS3.1

CVE-2024-22373 -

An out-of-bounds write vulnerability exists in the JPEG2000Codec::DecodeByStreamsCommon functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.

πŸ“… Published: April 25, 2024, 2:33 p.m. πŸ”„ Last Modified: Dec. 16, 2025, 7:17 p.m.

6.5

CVSS3.1

CVE-2024-25569 -

An out-of-bounds read vulnerability exists in the RAWCodec::DecodeBytes functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability.

πŸ“… Published: April 25, 2024, 2:33 p.m. πŸ”„ Last Modified: Nov. 4, 2025, 6:15 p.m.
Total resulsts: 349182
Page 10166 of 34,919
Β« previous page Β» next page
Filters