8.1

CVSS3.1

CVE-2024-32040 - FreeRDP vulnerable to integer underflow in nsc_rle_decode

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 and have connections to servers using the `NSC` codec are vulnerable to integer underflow. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do notโ€ฆ

๐Ÿ“… Published: April 22, 2024, midnight ๐Ÿ”„ Last Modified: Nov. 3, 2025, 9:16 p.m.

6.3

CVSS3.1

CVE-2024-28722 -

Cross Site Scripting vulnerability in Innovaphone myPBX v.14r1, v.13r3, v.12r2 allows a remote attacker to execute arbitrary code via the query parameter to the /CMD0/xml_modes.xml endpoint

๐Ÿ“… Published: April 22, 2024, midnight ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.1

CVSS3.1

CVE-2024-28436 -

Cross Site Scripting vulnerability in D-Link DAP products DAP-2230, DAP-2310, DAP-2330, DAP-2360, DAP-2553, DAP-2590, DAP-2690, DAP-2695, DAP-3520, DAP-3662 allows a remote attacker to execute arbitrary code via the reload parameter in the session_login.php component.

๐Ÿ“… Published: April 22, 2024, midnight ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.4

CVSS3.1

CVE-2023-38297 -

An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of com.factory.mmigroup (versionCode='3', versionName='2.1) โ€ฆ

๐Ÿ“… Published: April 22, 2024, midnight ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

2.6

CVSS3.1

CVE-2024-32405 -

Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function.

๐Ÿ“… Published: April 22, 2024, midnight ๐Ÿ”„ Last Modified: June 13, 2025, 4:10 p.m.

7.1

CVSS3.1

CVE-2023-38291 -

An issue was discovered in a third-party component related to ro.boot.wifimacaddr, shipped on devices from multiple device manufacturers. Various software builds for the following TCL devices (30Z and 10L) and Motorola devices (Moto G Pure and Moto G Power) leak the Wi-Fi MAC address to a system prโ€ฆ

๐Ÿ“… Published: April 22, 2024, midnight ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.8

CVSS3.1

CVE-2024-31666 -

An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via a crafted script to the edit_addon_post.php component.

๐Ÿ“… Published: April 22, 2024, midnight ๐Ÿ”„ Last Modified: March 28, 2025, 4 p.m.

5.3

CVSS3.1

CVE-2022-46897 -

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. The CapsuleIFWUSmm driver does not check the return value from a method or function. This can prevent it from detecting unexpected states and conditions.

๐Ÿ“… Published: April 22, 2024, midnight ๐Ÿ”„ Last Modified: July 29, 2025, 8:43 p.m.

8.8

CVSS3.1

CVE-2024-32394 -

An issue in ruijie.com/cn RG-RSR10-01G-T(WA)-S RSR_3.0(1)B9P2_RSR10-01G-TW-S_07150910 and RG-RSR10-01G-T(WA)-S RSR_3.0(1)B9P2_RSR10-01G-TW-S_07150910 allows a remote attacker to execute arbitrary code via a crafted HTTP request.

๐Ÿ“… Published: April 22, 2024, midnight ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2024-22808 -

An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a Denial of Service (DoS) by disrupting the communication between the PathPilot controller and the CNC router via overwriting the card's name in the device memory.

๐Ÿ“… Published: April 22, 2024, midnight ๐Ÿ”„ Last Modified: Sept. 15, 2025, 4:38 p.m.
Total resulsts: 349182
Page 10199 of 34,919
ยซ previous page ยป next page
Filters