6.1

CVSS3.1

CVE-2024-32875 - Hugo doesn't escape markdown title in internal render hooks

Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.125.3, title arguments in Markdown for links and images not escaped in internal render hooks. Hugo users who are impacted are those who have these hooks enabled and do not trust their Markdown content files. The iss…

📅 Published: April 23, 2024, 8:23 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

5.3

CVSS3.1

CVE-2024-32869 - Hono vulnerable to Restricted Directory Traversal in serveStatic with deno

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to version 4.2.7, when using serveStatic with deno, it is possible to traverse the directory where `main.ts` is located. This can result in retrieval of unexpected files. Version 4.2.7 contains a patch for t…

📅 Published: April 23, 2024, 8:20 p.m. 🔄 Last Modified: Sept. 17, 2025, 8:34 p.m.

8.8

CVSS3.1

CVE-2024-4065 - Tenda AC8 SetRebootTimer formSetRebootTimer stack-based overflow

A vulnerability was found in Tenda AC8 16.03.34.09. It has been rated as critical. This issue affects the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack may be initiated remotely. The explo…

📅 Published: April 23, 2024, 8 p.m. 🔄 Last Modified: Jan. 21, 2025, 7:05 p.m.

8.8

CVSS3.1

CVE-2024-4064 - Tenda AC8 execCommand R7WebsSecurityHandler stack-based overflow

A vulnerability was found in Tenda AC8 16.03.34.09. It has been declared as critical. This vulnerability affects the function R7WebsSecurityHandler of the file /goform/execCommand. The manipulation of the argument password leads to stack-based buffer overflow. The attack can be initiated remotely. …

📅 Published: April 23, 2024, 8 p.m. 🔄 Last Modified: Jan. 21, 2025, 7:12 p.m.

3.7

CVSS3.1

CVE-2024-4063 - EZVIZ CS-C6-21WFR-8 Davinci Application certificate validation

A vulnerability was found in EZVIZ CS-C6-21WFR-8 5.2.7 Build 170628. It has been classified as problematic. This affects an unknown part of the component Davinci Application. The manipulation leads to improper certificate validation. It is possible to initiate the attack remotely. The complexity of…

📅 Published: April 23, 2024, 6:31 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

3.7

CVSS3.1

CVE-2024-4062 - Hualai Xiaofang iSC5 certificate validation

A vulnerability was found in Hualai Xiaofang iSC5 3.2.2_112 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improper certificate validation. The attack may be launched remotely. The complexity of an attack is rather high. The exploitati…

📅 Published: April 23, 2024, 6:31 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

2.2

CVSS3.1

CVE-2024-32482 - Tillitis TKey Signer possible RAM disclosure vulnerability

The Tillitis TKey signer device application is an ed25519 signing tool. A vulnerability has been found that makes it possible to disclose portions of the TKey’s data in RAM over the USB interface. To exploit the vulnerability an attacker needs to use a custom client application and to touch the TKe…

📅 Published: April 23, 2024, 5:38 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

6.5

CVSS3.1

CVE-2024-31208 - Synapse's V2 state resolution weakness allows DoS from remote room members

Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate excess…

📅 Published: April 23, 2024, 5:26 p.m. 🔄 Last Modified: Aug. 26, 2025, 6:45 p.m.

5.3

CVSS3.1

CVE-2024-21979 -

An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code execution.

📅 Published: April 23, 2024, 4:36 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

5.3

CVSS3.1

CVE-2024-21972 -

An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code execution.

📅 Published: April 23, 2024, 4:36 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 349182
Page 10187 of 34,919
« previous page » next page
Filters