5.7

CVSS3.1

CVE-2024-57958 -

Out-of-bounds array read vulnerability in the FFRT module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.

πŸ“… Published: Feb. 6, 2025, 12:29 p.m. πŸ”„ Last Modified: March 17, 2025, 2:16 p.m.

6.2

CVSS3.1

CVE-2024-12602 -

Identity verification vulnerability in the ParamWatcher module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

πŸ“… Published: Feb. 6, 2025, 12:27 p.m. πŸ”„ Last Modified: March 17, 2025, 2:19 p.m.

6.6

CVSS3.1

CVE-2024-57957 -

Vulnerability of improper log information control in the UI framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

πŸ“… Published: Feb. 6, 2025, 12:27 p.m. πŸ”„ Last Modified: March 17, 2025, 2:17 p.m.

2.8

CVSS3.1

CVE-2024-57956 -

Out-of-bounds read vulnerability in the interpreter string module Impact: Successful exploitation of this vulnerability may affect availability.

πŸ“… Published: Feb. 6, 2025, 12:26 p.m. πŸ”„ Last Modified: March 17, 2025, 2:18 p.m.

6.1

CVSS3.1

CVE-2024-57955 -

Arbitrary write vulnerability in the Gallery module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

πŸ“… Published: Feb. 6, 2025, 12:25 p.m. πŸ”„ Last Modified: Sept. 26, 2025, 7:07 p.m.

6.2

CVSS3.1

CVE-2024-57954 -

Permission verification vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

πŸ“… Published: Feb. 6, 2025, 12:23 p.m. πŸ”„ Last Modified: Sept. 26, 2025, 7:06 p.m.

9.4

CVSS4.0

CVE-2025-0982 - Sandbox Escape in Google Cloud Application Integration's JavaScript Task (Rhino Engine)

Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an actor to execute arbitrary unsandboxed code via crafted JavaScript code executed by the Rhino engine. Effective January 24, 2025, Application Integration will no longer support Rhino as the JavaScript ex…

πŸ“… Published: Feb. 6, 2025, 11:37 a.m. πŸ”„ Last Modified: July 30, 2025, 6:14 p.m.

8.6

CVSS3.1

CVE-2024-37358 - Apache James: denial of service through the use of IMAP literals

Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations Version 3.7.6 and 3.8.2 restrict such illegitimate …

πŸ“… Published: Feb. 6, 2025, 11:22 a.m. πŸ”„ Last Modified: Sept. 29, 2025, 9:43 p.m.

6.5

CVSS3.1

CVE-2024-45626 - Apache James: denial of service through JMAP HTML to text conversion

Apache James server JMAP HTML to text plain implementation in versions below 3.8.2 and 3.7.6 is subject to unbounded memory consumption that can result in a denial of service. Users are recommended to upgrade to version 3.7.6 and 3.8.2, which fix this issue.

πŸ“… Published: Feb. 6, 2025, 11:21 a.m. πŸ”„ Last Modified: Feb. 12, 2025, 7:51 p.m.

6.5

CVSS3.1

CVE-2025-0859 - Post and Page Builder by BoldGrid <= 1.27.6 - Path Traversal to Authenticated (Contributor+) Arbitr…

The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.27.6 via the template_via_url() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to …

πŸ“… Published: Feb. 6, 2025, 9:21 a.m. πŸ”„ Last Modified: April 8, 2026, 4:36 p.m.
Total resulsts: 343944
Page 6306 of 34,395
Β« previous page Β» next page
Filters