8.1

CVSS3.1

CVE-2024-53703 -

A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions mod_httprp library loaded by the Apache web server allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution.

πŸ“… Published: Dec. 5, 2024, 1:59 p.m. πŸ”„ Last Modified: Nov. 4, 2025, 5:15 p.m.

8.2

CVSS4.0

CVE-2024-52271 - PDF Document Spoofing in Documenso

User Interface (UI) Misrepresentation of Critical Information vulnerability in Documenso allows Content Spoofing.Displayed version does not show the layer flattened version, once download, If printed (e.g. via Google Chrome -> Examine the print preview): Will render the vulnerability only, not all …

πŸ“… Published: Dec. 5, 2024, 1:56 p.m. πŸ”„ Last Modified: Dec. 5, 2024, 5:15 p.m.

5.3

CVSS3.1

CVE-2024-53702 -

Use of cryptographically weak pseudo-random number generator (PRNG) vulnerability in the SonicWall SMA100 SSLVPN backup code generator that, in certain cases, can be predicted by an attacker, potentially exposing the generated secret.

πŸ“… Published: Dec. 5, 2024, 1:53 p.m. πŸ”„ Last Modified: Nov. 4, 2025, 5:13 p.m.

6.3

CVSS3.1

CVE-2024-45319 -

A vulnerability in the SonicWall SMA100 SSLVPN firmwareΒ 10.2.1.13-72sv and earlier versions allows a remote authenticated attacker can circumvent the certificate requirement during authentication.

πŸ“… Published: Dec. 5, 2024, 1:50 p.m. πŸ”„ Last Modified: Nov. 4, 2025, 5:09 p.m.

8.1

CVSS3.1

CVE-2024-45318 -

A vulnerability in the SonicWall SMA100 SSLVPN web management interface allows remote attackers to cause Stack-based buffer overflow and potentially lead to code execution.

πŸ“… Published: Dec. 5, 2024, 1:43 p.m. πŸ”„ Last Modified: Nov. 4, 2025, 4:59 p.m.

7.5

CVSS3.1

CVE-2024-40763 -

Heap-based buffer overflow vulnerability in the SonicWall SMA100 SSLVPN due to the use of strcpy. This allows remote authenticated attackers to cause Heap-based buffer overflow and potentially lead to code execution.

πŸ“… Published: Dec. 5, 2024, 1:39 p.m. πŸ”„ Last Modified: Nov. 6, 2025, 4:43 p.m.

6.9

CVSS4.0

CVE-2024-12228 - PHPGurukul Complaint Management System user-search.php sql injection

A vulnerability classified as critical has been found in PHPGurukul Complaint Management System 1.0. Affected is an unknown function of the file /admin/user-search.php. The manipulation of the argument search leads to sql injection. It is possible to launch the attack remotely. The exploit has been…

πŸ“… Published: Dec. 5, 2024, 1:31 p.m. πŸ”„ Last Modified: Dec. 10, 2024, 11:19 p.m.

6.8

CVSS4.0

CVE-2024-12227 - MSI Dragon Center IOCTL NTIOLib_X64.sys MmUnMapIoSpace null pointer dereference

A vulnerability, which was classified as problematic, was found in MSI Dragon Center up to 2.0.146.0. This affects the function MmUnMapIoSpace in the library NTIOLib_X64.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack on th…

πŸ“… Published: Dec. 5, 2024, 1:31 p.m. πŸ”„ Last Modified: Dec. 5, 2024, 3:39 p.m.

9.3

CVSS4.0

CVE-2024-51555 - Force Change of Default Credentials

Default Credentail vulnerabilities allows access to an Aspect device using publicly available default credentials since the system does not require the installer to change default credentials.Β  Affected products: ABB ASPECT - Enterprise v3.07.02; NEXUS Series v3.07.02; MATRIX Series v3.07.02

πŸ“… Published: Dec. 5, 2024, 12:59 p.m. πŸ”„ Last Modified: Aug. 28, 2025, 3:15 p.m.

8.8

CVSS4.0

CVE-2024-51554 - off-by-one-error

Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly available default credentials.Β  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02

πŸ“… Published: Dec. 5, 2024, 12:58 p.m. πŸ”„ Last Modified: Dec. 5, 2024, 2:36 p.m.
Total resulsts: 342372
Page 6933 of 34,238
Β« previous page Β» next page
Filters