9.8

CVSS3.1

CVE-2024-53924 -

Pycel through 1.0b30, when operating on an untrusted spreadsheet, allows code execution via a crafted formula in a cell, such as one beginning with the =IF(A1=200, eval("__import__('os').system( substring.

πŸ“… Published: April 17, 2025, midnight πŸ”„ Last Modified: July 11, 2025, 4:40 p.m.

5.4

CVSS3.1

CVE-2024-40124 -

Pydio Core <= 8.2.5 is vulnerable to Cross Site Scripting (XSS) via the New URL Bookmark feature.

πŸ“… Published: April 17, 2025, midnight πŸ”„ Last Modified: June 25, 2025, 6:49 p.m.

9.8

CVSS3.1

CVE-2025-29040 -

An issue in dlink DIR 823x 240802 allows a remote attacker to execute arbitrary code via the target_addr key value and the function 0x41737c

πŸ“… Published: April 17, 2025, midnight πŸ”„ Last Modified: May 1, 2025, 6:15 p.m.

7.1

CVSS3.1

CVE-2024-55238 -

OpenMetadata <=1.4.1 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the WorkflowDAO interface. The workflowtype and status parameters can be used to build a SQL query.

πŸ“… Published: April 17, 2025, midnight πŸ”„ Last Modified: April 24, 2025, 12:47 p.m.

9.8

CVSS3.1

CVE-2025-29662 -

A RCE vulnerability in the core application in LandChat 3.25.12.18 allows an unauthenticated attacker to execute system code via remote network access.

πŸ“… Published: April 17, 2025, midnight πŸ”„ Last Modified: July 11, 2025, 4:41 p.m.

9.8

CVSS3.1

CVE-2024-56518 -

Hazelcast Management Center through 6.0 allows remote code execution via a JndiLoginModule user.provider.url in a hazelcast-client XML document (aka a client configuration file), which can be uploaded at the /cluster-connections URI.

πŸ“… Published: April 17, 2025, midnight πŸ”„ Last Modified: July 7, 2025, 6:18 p.m.

6.5

CVSS3.1

CVE-2025-29450 -

An issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via the site settings component.

πŸ“… Published: April 17, 2025, midnight πŸ”„ Last Modified: April 23, 2025, 6:09 p.m.

2.9

CVSS3.1

CVE-2025-32415 - libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.

πŸ“… Published: April 17, 2025, midnight πŸ”„ Last Modified: Nov. 3, 2025, 8:18 p.m.

7.8

CVSS3.1

CVE-2021-47670 - can: peak_usb: fix use after free bugs

In the Linux kernel, the following vulnerability has been resolved: can: peak_usb: fix use after free bugs After calling peak_usb_netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is accessed after the peak_usb_netif_rx_ni(). Reordering the line…

πŸ“… Published: April 17, 2025, midnight πŸ”„ Last Modified: May 4, 2025, 7:15 a.m.

6.2

CVSS3.1

CVE-2025-29316 -

An issue in DataPatrol Screenshot watermark, printing watermark agent v.3.5.2.0 allows a physically proximate attacker to obtain sensitive information. NOTE: the Supplier disputes the Print Job Watermark Bypass claim because the watermark is added by hooking into the OS printing mechanism, and thus…

πŸ“… Published: April 17, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 349182
Page 5754 of 34,919
Β« previous page Β» next page
Filters