9.8

CVSS3.1

CVE-2024-32039 - FreeRDP Integer overflow & OutOfBound Write in clear_decompress_residual_data

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use `/gfx` options (e.g. deactiva…

πŸ“… Published: April 22, 2024, midnight πŸ”„ Last Modified: Nov. 3, 2025, 9:16 p.m.

8.8

CVSS3.1

CVE-2023-38298 -

Various software builds for the following TCL devices (30Z, A3X, 20XE, 10L) leak the device IMEI to a system property that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party apps from directly obtaining non-resettable device i…

πŸ“… Published: April 22, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

4.4

CVSS3.1

CVE-2024-22813 -

An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to overwrite the hardcoded IP address in the device memory, disrupting network connectivity between the router and the controller.

πŸ“… Published: April 22, 2024, midnight πŸ”„ Last Modified: Sept. 15, 2025, 4:18 p.m.

4.4

CVSS3.1

CVE-2024-30799 -

An issue in PX4 Autopilot v1.14 and before allows a remote attacker to execute arbitrary code and cause a denial of service via the Breach Return Point function.

πŸ“… Published: April 22, 2024, midnight πŸ”„ Last Modified: June 12, 2025, 11:57 p.m.

4.9

CVSS3.1

CVE-2024-28717 -

An issue in OpenStack Storlets yoga-eom allows a remote attacker to execute arbitrary code via the gateway.py component.

πŸ“… Published: April 22, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.5

CVSS3.1

CVE-2024-29368 -

An arbitrary file upload vulnerability in the file handling module of moziloCMS v2.0 allows attackers to bypass extension restrictions via file renaming, potentially leading to unauthorized file execution or storage of malicious content.

πŸ“… Published: April 22, 2024, midnight πŸ”„ Last Modified: April 30, 2025, 4:45 p.m.

9.8

CVSS3.1

CVE-2024-29661 -

A File Upload vulnerability in DedeCMS v5.7 allows a local attacker to execute arbitrary code via a crafted payload.

πŸ“… Published: April 22, 2024, midnight πŸ”„ Last Modified: April 1, 2025, 6:05 p.m.

7.8

CVSS3.1

CVE-2024-28699 -

A buffer overflow vulnerability in pdf2json v0.70 allows a local attacker to execute arbitrary code via the GString::copy() and ImgOutputDev::ImgOutputDev function.

πŸ“… Published: April 22, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.1

CVSS3.1

CVE-2022-34560 -

A cross-site scripting (XSS) vulnerability in PHPFox v4.8.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the History parameter.

πŸ“… Published: April 22, 2024, midnight πŸ”„ Last Modified: April 22, 2025, 4:06 p.m.

3.4

CVSS3.1

CVE-2023-38301 -

An issue was discovered in a third-party component related to vendor.gsm.serial, shipped on devices from multiple device manufacturers. Various software builds for the BLU View 2, Boost Mobile Celero 5G, Sharp Rouvo V, Motorola Moto G Pure, Motorola Moto G Power, T-Mobile Revvl 6 Pro 5G, and T-Mobi…

πŸ“… Published: April 22, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 349182
Page 10197 of 34,919
Β« previous page Β» next page
Filters