6.5

CVSS3.1

CVE-2024-57720 -

lunasvg v3.0.0 was discovered to contain a segmentation violation via the component plutovg_blend.

πŸ“… Published: Jan. 23, 2025, midnight πŸ”„ Last Modified: April 15, 2025, 5:13 p.m.

5.5

CVSS3.1

CVE-2024-50665 -

gpac 2.4 contains a SEGV at src/isomedia/drm_sample.c:1562:96 in isom_cenc_get_sai_by_saiz_saio in MP4Box.

πŸ“… Published: Jan. 23, 2025, midnight πŸ”„ Last Modified: Feb. 11, 2025, 8:51 p.m.

4.3

CVSS3.1

CVE-2025-0754 - Envoyproxy: openshift service mesh 2.6.3 and 2.5.6 envoy header handling allows log injection and p…

The vulnerability was found in OpenShift Service Mesh 2.6.3 and 2.5.6. This issue occurs due to improper sanitization of HTTP headers by Envoy, particularly the x-forwarded-for header. This lack of sanitization can allow attackers to inject malicious payloads into service mesh logs, leading to log …

πŸ“… Published: Jan. 23, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.4

CVSS3.1

CVE-2024-12477 - Avada Builder <= 3.11.11 - Authenticated (Contributor+) Stored Cross-Site Scripting in Multiple Wid…

The Avada Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.11.11 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, w…

πŸ“… Published: Jan. 22, 2025, 9:21 p.m. πŸ”„ Last Modified: April 8, 2026, 5:02 p.m.

7.5

CVSS3.1

CVE-2025-0612 -

Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

πŸ“… Published: Jan. 22, 2025, 7:22 p.m. πŸ”„ Last Modified: April 18, 2025, 2:26 a.m.

8.2

CVSS3.1

CVE-2025-0611 -

Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

πŸ“… Published: Jan. 22, 2025, 7:22 p.m. πŸ”„ Last Modified: April 18, 2025, 2:26 a.m.

6

CVSS4.0

CVE-2024-9310 - Traffic Alert and Collision Avoidance System (TCAS) II has a Reliance on Untrusted Inputs in a Secu…

By utilizing software-defined radios and a custom low-latency processing pipeline, RF signals with spoofed location data can be transmitted to aircraft targets. This can lead to the appearance of fake aircraft on displays and potentially trigger undesired Resolution Advisories (RAs).

πŸ“… Published: Jan. 22, 2025, 6:41 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.1

CVSS4.0

CVE-2024-11166 - Traffic Alert and Collision Avoidance System (TCAS) II has an External Control of System or Configu…

For TCAS II systems using transponders compliant with MOPS earlier than RTCA DO-181F, an attacker can impersonate a ground station and issue a Comm-A Identity Request. This action can set the Sensitivity Level Control (SLC) to the lowest setting and disable the Resolution Advisory (RA), leading to …

πŸ“… Published: Jan. 22, 2025, 6:40 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

0.0

CVE-2025-0654 -

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

πŸ“… Published: Jan. 22, 2025, 6:02 p.m. πŸ”„ Last Modified: July 5, 2025, 11:15 p.m.

6.1

CVSS4.0

CVE-2025-0651 - File symlink abuse might lead to deleting files belonging to SYSTEM user

Improper Privilege Management vulnerability in Cloudflare WARP on Windows allows File Manipulation. User with a low system privilegesΒ  can create a set of symlinks inside theΒ C:\ProgramData\Cloudflare\warp-diag-partials folder. After triggering the 'Reset all settings" option the WARP service will…

πŸ“… Published: Jan. 22, 2025, 5:34 p.m. πŸ”„ Last Modified: July 31, 2025, 7:47 p.m.
Total resulsts: 346626
Page 6739 of 34,663
Β« previous page Β» next page
Filters