9.8

CVSS3.1

CVE-2024-32459 - FreeRDP Out-Of-Bounds Read in ncrush_decompress

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients and servers that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. No known workarounds are available.

πŸ“… Published: April 22, 2024, midnight πŸ”„ Last Modified: Nov. 3, 2025, 9:16 p.m.

9.8

CVSS3.1

CVE-2024-32458 - FreeRDP Out-Of-Bounds Read in planar_skip_plane_rle

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use `/gfx` or `/rfx` modes (on by default, require server s…

πŸ“… Published: April 22, 2024, midnight πŸ”„ Last Modified: Nov. 3, 2025, 9:16 p.m.

6.2

CVSS3.1

CVE-2023-38300 -

A certain software build for the Orbic Maui device (Orbic/RC545L/RC545L:10/ORB545L_V1.4.2_BVZPP/230106:user/release-keys) leaks the IMEI and the ICCID to system properties that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-part…

πŸ“… Published: April 22, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.5

CVSS3.1

CVE-2024-22809 -

Incorrect access control in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to access the G code's shared folder and view sensitive information.

πŸ“… Published: April 22, 2024, midnight πŸ”„ Last Modified: Sept. 15, 2025, 4:29 p.m.

8.1

CVSS3.1

CVE-2024-32460 - FreeRDP Out-Of-Bounds Read in interleaved_decompress

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based based clients using `/bpp:32` legacy `GDI` drawing path with a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use modern draw…

πŸ“… Published: April 22, 2024, midnight πŸ”„ Last Modified: Nov. 3, 2025, 9:16 p.m.

9.8

CVSS3.1

CVE-2024-32041 - FreeRDP OutOfBound Read in zgfx_decompress_segment

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate `/gfx` (on by default, set `/bpp` or `/rfx` opti…

πŸ“… Published: April 22, 2024, midnight πŸ”„ Last Modified: Feb. 13, 2025, 5:52 p.m.

8.7

CVSS3.1

CVE-2023-38292 -

Certain software builds for the TCL 20XE Android device contain a vulnerable, pre-installed app with a package name of com.tct.gcs.hiddenmenuproxy (versionCode='2', versionName='v11.0.1.0.0201.0') that allows local third-party apps to programmatically perform a factory reset due to inadequate acces…

πŸ“… Published: April 22, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

3.5

CVSS3.1

CVE-2015-10132 - Thimo Grauerholz WP-Spreadplugin spreadplugin.php cross site scripting

A vulnerability classified as problematic was found in Thimo Grauerholz WP-Spreadplugin up to 3.8.6.1 on WordPress. This vulnerability affects unknown code of the file spreadplugin.php. The manipulation of the argument Spreadplugin leads to cross site scripting. The attack can be initiated remotely…

πŸ“… Published: April 21, 2024, 7:31 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

2.7

CVSS3.1

CVE-2024-29733 - Apache Airflow FTP Provider: FTP_TLS instance with unverified SSL context

Improper Certificate Validation vulnerability in Apache Airflow FTP Provider. The FTP hook lacks complete certificate validation in FTP_TLS connections, which can potentially be leveraged. Implementing proper certificate validation by passing context=ssl.create_default_context() during FTP_TLS ins…

πŸ“… Published: April 21, 2024, 5:21 p.m. πŸ”„ Last Modified: July 10, 2025, 6:38 p.m.

4.6

CVSS3.1

CVE-2024-29217 - Apache Answer: XSS vulnerability when changing personal website

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Answer.This issue affects Apache Answer: before 1.3.0. XSS attack when user changes personal website. A logged-in user, when modifying their personal website, can input malicious code in th…

πŸ“… Published: April 21, 2024, 4:04 p.m. πŸ”„ Last Modified: June 30, 2025, 1:41 p.m.
Total resulsts: 349182
Page 10200 of 34,919
Β« previous page Β» next page
Filters