7.5

CVSS3.1

CVE-2023-52341 -

In Plaintext COUNTER CHECK message accepted before AS security activation, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed

πŸ“… Published: April 8, 2024, 2:21 a.m. πŸ”„ Last Modified: May 6, 2025, 1:52 p.m.

8.8

CVSS3.1

CVE-2024-28744 -

The password is empty in the initial configuration of ACERA 9010-08 firmware v02.04 and earlier, and ACERA 9010-24 firmware v02.04 and earlier. An unauthenticated attacker may log in to the product with no password, and obtain and/or alter information such as network configuration and user informat…

πŸ“… Published: April 8, 2024, 12:16 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.9

CVSS4.0

CVE-2024-3437 - SourceCodester Prison Management System Avatar add-admin.php unrestricted upload

A vulnerability was found in SourceCodester Prison Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /Admin/add-admin.php of the component Avatar Handler. The manipulation of the argument avatar leads to unrestricted upload. The attack may …

πŸ“… Published: April 8, 2024, midnight πŸ”„ Last Modified: Feb. 10, 2025, 4:15 p.m.

0.0

CVE-2024-23082 -

ThreeTen Backport v1.6.8 was discovered to contain an integer overflow via the component org.threeten.bp.format.DateTimeFormatter::parse(CharSequence, ParsePosition). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulne…

πŸ“… Published: April 8, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.8

CVSS3.1

CVE-2024-31022 -

An issue was discovered in CandyCMS version 1.0.0, allows remote attackers to execute arbitrary code via the install.php component.

πŸ“… Published: April 8, 2024, midnight πŸ”„ Last Modified: May 22, 2025, 2:28 p.m.

9.8

CVSS3.1

CVE-2024-27488 -

Incorrect Access Control vulnerability in ZLMediaKit versions 1.0 through 8.0, allows remote attackers to escalate privileges and obtain sensitive information. The application system enables the http API interface by default and uses the secret parameter method to authenticate the http restful api …

πŸ“… Published: April 8, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.0

CVSS3.1

CVE-2024-27631 -

Cross Site Request Forgery vulnerability in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via siteadmin/usergroup.php

πŸ“… Published: April 8, 2024, midnight πŸ”„ Last Modified: Sept. 2, 2025, 4:45 p.m.

6.2

CVSS3.1

CVE-2024-23079 - jgrapht: null pointer exception

JGraphT Core v1.5.2 was discovered to contain a NullPointerException via the component org.jgrapht.alg.util.ToleranceDoubleComparator::compare(Double, Double). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerabilit…

πŸ“… Published: April 8, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.0

CVSS3.1

CVE-2024-31811 -

TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the langType parameter in the setLanguageCfg function.

πŸ“… Published: April 8, 2024, midnight πŸ”„ Last Modified: March 18, 2025, 4:03 p.m.

6.6

CVSS3.1

CVE-2024-28224 -

Ollama before 0.1.29 has a DNS rebinding vulnerability that can inadvertently allow remote access to the full API, thereby letting an unauthorized user chat with a large language model, delete a model, or cause a denial of service (resource exhaustion).

πŸ“… Published: April 8, 2024, midnight πŸ”„ Last Modified: May 13, 2025, 12:42 a.m.
Total resulsts: 349182
Page 10403 of 34,919
Β« previous page Β» next page
Filters