6.5

CVSS3.1

CVE-2023-45552 -

In VeridiumID before 3.5.0, a stored cross-site scripting (XSS) vulnerability has been discovered in the admin portal that allows an authenticated attacker to take over all accounts by sending malicious input via the self-service portal.

πŸ“… Published: April 3, 2024, midnight πŸ”„ Last Modified: April 16, 2025, 7:04 p.m.

5.5

CVSS3.1

CVE-2024-26707 - net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame()

In the Linux kernel, the following vulnerability has been resolved: net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame() Syzkaller reported [1] hitting a warning after failing to allocate resources for skb in hsr_init_skb(). Since a WARN_ONCE() call will not help much in this case, it mig…

πŸ“… Published: April 3, 2024, midnight πŸ”„ Last Modified: May 4, 2025, 8:54 a.m.

5.4

CVSS3.1

CVE-2024-3218 - Shibang Communications IP Network Intercom Broadcasting System busyscreenshotpush.php path traversal

A vulnerability classified as critical has been found in Shibang Communications IP Network Intercom Broadcasting System 1.0. This affects an unknown part of the file /php/busyscreenshotpush.php. The manipulation of the argument jsondata[callee]/jsondata[imagename] leads to path traversal: '../filed…

πŸ“… Published: April 2, 2024, 11:31 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.5

CVSS3.1

CVE-2024-3209 - UPX bele.h get_ne64 heap-based overflow

A vulnerability was found in UPX up to 4.2.2. It has been rated as critical. This issue affects the function get_ne64 of the file bele.h. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerabili…

πŸ“… Published: April 2, 2024, 11 p.m. πŸ”„ Last Modified: April 25, 2025, 2:33 p.m.

5.5

CVSS3.1

CVE-2024-3207 - ermig1979 Simd SimdMemoryStream.h ReadUnsigned heap-based overflow

A vulnerability was found in ermig1979 Simd up to 6.0.134. It has been declared as critical. This vulnerability affects the function ReadUnsigned of the file src/Simd/SimdMemoryStream.h. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be us…

πŸ“… Published: April 2, 2024, 10:31 p.m. πŸ”„ Last Modified: April 25, 2025, 2:38 p.m.

7.3

CVSS3.1

CVE-2024-3204 - c-blosc2 ndlz4x4.c ndlz4_decompress heap-based overflow

A vulnerability has been found in c-blosc2 up to 2.13.2 and classified as critical. Affected by this vulnerability is the function ndlz4_decompress of the file /src/c-blosc2/plugins/codecs/ndlz/ndlz4x4.c. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The…

πŸ“… Published: April 2, 2024, 10 p.m. πŸ”„ Last Modified: April 25, 2025, 2:45 p.m.

7.3

CVSS3.1

CVE-2024-3203 - c-blosc2 ndlz8x8.c ndlz8_decompress heap-based overflow

A vulnerability, which was classified as critical, was found in c-blosc2 up to 2.13.2. Affected is the function ndlz8_decompress of the file /src/c-blosc2/plugins/codecs/ndlz/ndlz8x8.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit h…

πŸ“… Published: April 2, 2024, 10 p.m. πŸ”„ Last Modified: April 25, 2025, 2:45 p.m.

3.7

CVSS3.1

CVE-2024-3202 - codelyfe Stupid Simple CMS Login Page excessive authentication

A vulnerability, which was classified as problematic, has been found in codelyfe Stupid Simple CMS 1.2.4. This issue affects some unknown processing of the component Login Page. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be initiated remotely…

πŸ“… Published: April 2, 2024, 9:31 p.m. πŸ”„ Last Modified: April 4, 2025, 4:58 p.m.

7.8

CVSS3.0

CVE-2024-30371 - Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability

Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page…

πŸ“… Published: April 2, 2024, 8:28 p.m. πŸ”„ Last Modified: Aug. 8, 2025, 6:25 p.m.

4.3

CVSS3.0

CVE-2024-30370 - RARLAB WinRAR Mark-Of-The-Web Bypass Vulnerability

RARLAB WinRAR Mark-Of-The-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-Of-The-Web protection mechanism on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must perform a specific action …

πŸ“… Published: April 2, 2024, 8:28 p.m. πŸ”„ Last Modified: June 20, 2025, 6:15 p.m.
Total resulsts: 349182
Page 10467 of 34,919
Β« previous page Β» next page
Filters