5.1

CVSS4.0

CVE-2024-11479 - Authenticated HTML Injection in Issuetrak Ticket Comment Function

A HTML Injection vulnerability was identified in Issuetrak version 17.1 that could be triggered by an authenticated user. HTML markup could be added to comments of tickets, which when submitted will render in the emails sent to all users on that ticket.

πŸ“… Published: Dec. 4, 2024, 12:23 a.m. πŸ”„ Last Modified: Dec. 4, 2024, 2:49 p.m.

9.8

CVSS3.1

CVE-2024-54661 - socat: arbitrary file overwrite via predictable /tmp directory

readline.sh in socat before1.8.0.2 relies on the /tmp/$USER/stderr2 file.

πŸ“… Published: Dec. 4, 2024, midnight πŸ”„ Last Modified: Jan. 9, 2025, 4:30 p.m.

7.5

CVSS3.1

CVE-2024-37575 -

The Mister org.mistergroup.shouldianswer application 1.4.264 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the org.mistergroup.shouldianswer.ui.default_dialer.DefaultDialerActivity component.

πŸ“… Published: Dec. 4, 2024, midnight πŸ”„ Last Modified: Dec. 11, 2024, 4:15 p.m.

8.2

CVSS3.1

CVE-2024-37574 -

The GriceMobile com.grice.call application 4.5.2 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.iui.mobile.presentation.MobileActivity.

πŸ“… Published: Dec. 4, 2024, midnight πŸ”„ Last Modified: Dec. 12, 2024, 1:55 a.m.

7.8

CVSS3.1

CVE-2024-53133 - drm/amd/display: Handle dml allocation failure to avoid crash

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Handle dml allocation failure to avoid crash [Why] In the case where a dml allocation fails for any reason, the current state's dml contexts would no longer be valid. Then subsequent calls dc_state_copy_internal …

πŸ“… Published: Dec. 4, 2024, midnight πŸ”„ Last Modified: Oct. 1, 2025, 9:16 p.m.

9.8

CVSS3.1

CVE-2024-48453 -

An issue in INOVANCE AM401_CPU1608TPTN allows a remote attacker to execute arbitrary code via the ExecuteUserProgramUpgrade function

πŸ“… Published: Dec. 4, 2024, midnight πŸ”„ Last Modified: Dec. 12, 2024, 2:04 a.m.

7.5

CVSS3.1

CVE-2024-50947 -

An issue in kmqtt v0.2.7 allows attackers to cause a Denial of Service (DoS) via a crafted request.

πŸ“… Published: Dec. 4, 2024, midnight πŸ”„ Last Modified: Sept. 5, 2025, 1:41 p.m.

6.5

CVSS3.1

CVE-2024-53614 -

A hardcoded decryption key in Thinkware Cloud APK v4.3.46 allows attackers to access sensitive data and execute arbitrary commands with elevated privileges.

πŸ“… Published: Dec. 4, 2024, midnight πŸ”„ Last Modified: Dec. 4, 2024, 5:15 p.m.

8.8

CVSS3.1

CVE-2024-39219 -

An issue in Aginode GigaSwitch V5 before version 7.06G allows authenticated attackers with Administrator privileges to upload an earlier firmware version, exposing the device to previously patched vulnerabilities.

πŸ“… Published: Dec. 4, 2024, midnight πŸ”„ Last Modified: Dec. 11, 2024, 5:15 p.m.

5.5

CVSS3.1

CVE-2024-53128 - sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers

In the Linux kernel, the following vulnerability has been resolved: sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers When CONFIG_KASAN_SW_TAGS and CONFIG_KASAN_STACK are enabled, the object_is_on_stack() function may produce incorrect results due to the presence of tags in the…

πŸ“… Published: Dec. 4, 2024, midnight πŸ”„ Last Modified: Jan. 5, 2026, 10:55 a.m.
Total resulsts: 342358
Page 6950 of 34,236
Β« previous page Β» next page
Filters