9.8

CVSS3.1

CVE-2024-28718 -

An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the cert_manager.py. component.

πŸ“… Published: April 12, 2024, midnight πŸ”„ Last Modified: June 17, 2025, 9 p.m.

5.3

CVSS3.1

CVE-2024-30614 -

An issue in Ametys CMS v4.5.0 and before allows attackers to obtain sensitive information via exposed resources to the error scope.

πŸ“… Published: April 12, 2024, midnight πŸ”„ Last Modified: April 11, 2025, 2:30 p.m.

6.2

CVSS3.1

CVE-2024-22734 -

An issue was discovered in AMCS Group Trux Waste Management Software before version 7.19.0018.26912, allows local attackers to obtain sensitive information via a static, hard-coded AES Key-IV pair in the TxUtilities.dll and TruxUser.cfg components.

πŸ“… Published: April 12, 2024, midnight πŸ”„ Last Modified: June 17, 2025, 9:01 p.m.

5.5

CVSS3.1

CVE-2024-22526 -

Buffer Overflow vulnerability in bandisoft bandiview v7.0, allows local attackers to cause a denial of service (DoS) via exr image file.

πŸ“… Published: April 12, 2024, midnight πŸ”„ Last Modified: June 17, 2025, 9:01 p.m.

6.5

CVSS3.1

CVE-2024-2756 - __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix

Due to an incomplete fix to CVE-2022-31629 https://github.com/advisories/GHSA-c43m-486j-j32p , network and same-site attackers can set a standard insecure cookie in the victim's browser which is treated as a __Host-Β or __Secure-Β cookie by PHP applications.

πŸ“… Published: April 12, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.5

CVSS3.1

CVE-2024-3096 - PHP function password_verify can erroneously return true when argument contains NUL

In PHPΒ  version 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, ifΒ a password stored with password_hash() starts with a null byte (\x00), testing a blank string as the password via password_verify() will incorrectly return true.

πŸ“… Published: April 12, 2024, midnight πŸ”„ Last Modified: Nov. 4, 2025, 6:16 p.m.

8.1

CVSS3.1

CVE-2023-44857 -

An issue in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacker to execute arbitrary code via a crafted script to the sub_21D24 function in the acu_web component.

πŸ“… Published: April 12, 2024, midnight πŸ”„ Last Modified: May 27, 2025, 2:33 p.m.

6.1

CVSS3.1

CVE-2023-44856 -

Cross Site Scripting (XSS) vulnerability in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacker to execute arbitrary code via a crafted script to the rstat, sender, and recipients' parameters of the sub_21D24 function in the acu_web file.

πŸ“… Published: April 12, 2024, midnight πŸ”„ Last Modified: May 27, 2025, 3:52 p.m.

4.8

CVSS3.1

CVE-2024-31839 -

Cross Site Scripting vulnerability in tiagorlampert CHAOS v.5.0.1 allows a remote attacker to escalate privileges via the sendCommandHandler function in the handler.go component.

πŸ“… Published: April 12, 2024, midnight πŸ”„ Last Modified: June 17, 2025, 8:59 p.m.

6.1

CVSS3.1

CVE-2024-30845 -

Cross Site Scripting vulnerability in Rainbow external link network disk v.5.5 allows a remote attacker to execute arbitrary code via the validation component of the input parameters.

πŸ“… Published: April 12, 2024, midnight πŸ”„ Last Modified: June 17, 2025, 9 p.m.
Total resulsts: 349182
Page 10317 of 34,919
Β« previous page Β» next page
Filters