7.6

CVSS3.1

CVE-2024-29399 -

An issue was discovered in GNU Savane v.3.13 and before, allows a remote attacker to execute arbitrary code and escalate privileges via a crafted file to the upload.php component.

๐Ÿ“… Published: April 11, 2024, midnight ๐Ÿ”„ Last Modified: June 17, 2025, 8:53 p.m.

9.8

CVSS3.1

CVE-2024-21508 - mysql2: Remote Code Execution

Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution (RCE) via the readCodeFor function due to improper validation of the supportBigNumbers and bigNumberStrings values.

๐Ÿ“… Published: April 11, 2024, midnight ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.5

CVSS3.1

CVE-2024-30917 -

An issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a denial of service (DoS) and obtain sensitive information via a crafted history_depth parameter in DurabilityService QoS component.

๐Ÿ“… Published: April 11, 2024, midnight ๐Ÿ”„ Last Modified: June 17, 2025, 8:51 p.m.

6.1

CVSS3.1

CVE-2024-22717 -

Cross Site Scripting (XSS) vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary code via the First Name field in the application.

๐Ÿ“… Published: April 11, 2024, midnight ๐Ÿ”„ Last Modified: April 8, 2025, 3:20 p.m.

7.8

CVSS3.1

CVE-2024-25376 -

An issue discovered in Thesycon Software Solutions Gmbh & Co. KG TUSBAudio MSI-based installers before 5.68.0 allows a local attacker to execute arbitrary code via the msiexec.exe repair mode.

๐Ÿ“… Published: April 11, 2024, midnight ๐Ÿ”„ Last Modified: June 17, 2025, 8:50 p.m.

0.0

CVE-2024-29449 -

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine the existence of a vulnerability.

๐Ÿ“… Published: April 11, 2024, midnight ๐Ÿ”„ Last Modified: May 27, 2024, 1:15 a.m.

4.3

CVSS3.1

CVE-2024-30915 -

An issue was discovered in OpenDDS commit b1c534032bb62ad4ae32609778de6b8d6c823a66, allows a local attacker to cause a denial of service and obtain sensitive information via the max_samples parameter within the DataReaderQoS component.

๐Ÿ“… Published: April 11, 2024, midnight ๐Ÿ”„ Last Modified: June 17, 2025, 8:51 p.m.

9.6

CVSS3.1

CVE-2024-22718 -

Cross Site Scripting (XSS) vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary code via the client_id parameter in the application URL.

๐Ÿ“… Published: April 11, 2024, midnight ๐Ÿ”„ Last Modified: April 8, 2025, 3:20 p.m.

0.0

CVE-2024-29450 -

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine the existence of a vulnerability.

๐Ÿ“… Published: April 11, 2024, midnight ๐Ÿ”„ Last Modified: May 27, 2024, 1:15 a.m.

7.2

CVSS3.1

CVE-2024-22722 -

Server Side Template Injection (SSTI) vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary commands via the Group Name field under the add forms section of the application.

๐Ÿ“… Published: April 11, 2024, midnight ๐Ÿ”„ Last Modified: April 8, 2025, 3:20 p.m.
Total resulsts: 349182
Page 10326 of 34,919
ยซ previous page ยป next page
Filters