7.3

CVSS3.1

CVE-2024-31220 - Sunshine vulnerable to remote unauthenticated arbitrary file read

Sunshine is a self-hosted game stream host for Moonlight. Starting in version 0.16.0 and prior to version 0.18.0, an attacker may be able to remotely read arbitrary files without authentication due to a path traversal vulnerability. Users who exposed the Sunshine configuration web user interface ou…

πŸ“… Published: April 5, 2024, 2:59 p.m. πŸ”„ Last Modified: Sept. 11, 2025, 9:41 p.m.

9.8

CVSS3.1

CVE-2024-31218 - Missing Authentication for Critical Function in Webhood backend

Webhood is a self-hosted URL scanner used analyzing phishing and malicious sites. Webhood's backend container images in versions 0.9.0 and earlier are subject to Missing Authentication for Critical Function vulnerability. This vulnerability allows an unauthenticated attacker to send a HTTP request …

πŸ“… Published: April 5, 2024, 2:45 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

3.5

CVSS3.1

CVE-2024-31213 - InstantCMS Open Redirect vulnerability

InstantCMS is a free and open source content management system. An open redirect was found in the ICMS2 application version 2.16.2 when being redirected after modifying one's own user profile. An attacker could trick a victim into visiting their web application, thinking they are still present on t…

πŸ“… Published: April 5, 2024, 2:43 p.m. πŸ”„ Last Modified: Jan. 17, 2025, 3 p.m.

4.6

CVSS3.1

CVE-2024-2380 - XSS in graph rendering

Stored XSS in graph rendering in Checkmk <2.3.0b4.

πŸ“… Published: April 5, 2024, 1:01 p.m. πŸ”„ Last Modified: Dec. 4, 2024, 9:53 p.m.

6.4

CVSS3.1

CVE-2024-2499 - Squelch Tabs and Accordions Shortcodes <= 0.4.3 - Authenticated (Contributor+) Stored Cross-Site Sc…

The Squelch Tabs and Accordions Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'accordions' shortcode in all versions up to, and including, 0.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it poss…

πŸ“… Published: April 5, 2024, 12:52 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.3

CVSS3.1

CVE-2023-5692 - WordPress Core <= 6.4.3 - Sensitive Information Exposure via redirect_guess_404_permalink

WordPress Core is vulnerable to Sensitive Information Exposure in versions up to, and including, 6.4.3 via the redirect_guess_404_permalink function. This can allow unauthenticated attackers to expose the slug of a custom post whose 'publicly_queryable' post status has been set to 'false'.

πŸ“… Published: April 5, 2024, 12:52 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.8

CVSS3.1

CVE-2023-6523 - IDOR in ExtremePacs's Extreme XDS

Authorization Bypass Through User-Controlled Key vulnerability in ExtremePacs Extreme XDS allows Authentication Abuse.This issue affects Extreme XDS: before 3914.

πŸ“… Published: April 5, 2024, 11:37 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.2

CVSS3.1

CVE-2023-6522 - Information Disclosure in ExtremePacs's Extreme XDS

Incorrect Use of Privileged APIs vulnerability in ExtremePacs Extreme XDS allows Collect Data as Provided by Users.This issue affects Extreme XDS: before 3914.

πŸ“… Published: April 5, 2024, 11:33 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.5

CVSS3.1

CVE-2024-2447 -

Mattermost versions 8.1.x before 8.1.11, 9.3.x before 9.3.3, 9.4.x before 9.4.4, and 9.5.x before 9.5.2 fail to authenticate the source of certain types of post actions, allowing an authenticated attacker to create posts as other users via a crafted post action.

πŸ“… Published: April 5, 2024, 8:52 a.m. πŸ”„ Last Modified: Dec. 13, 2024, 4:18 p.m.

4.7

CVSS3.1

CVE-2024-29221 - Invite ID available to team admins even without the "Add Members" permission

Improper Access Control in Mattermost Server versions 9.5.x before 9.5.2, 9.4.x before 9.4.4, 9.3.x before 9.3.3, 8.1.x before 8.1.11 lacked proper access control in the `/api/v4/users/me/teams` endpointΒ allowingΒ a team admin to get the invite ID of their team, thus allowing them to invite users, e…

πŸ“… Published: April 5, 2024, 8:15 a.m. πŸ”„ Last Modified: Dec. 13, 2024, 4:21 p.m.
Total resulsts: 349182
Page 10424 of 34,919
Β« previous page Β» next page
Filters