7

CVSS3.0

CVE-2024-55577 -

Stack-based buffer overflow vulnerability exists in Linux Ratfor 1.06 and earlier. When the software processes a file which is specially crafted by an attacker, arbitrary code may be executed. As a result, the attacker may obtain or alter information of the user environment or cause the user enviro…

πŸ“… Published: Jan. 15, 2025, 5:17 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.7

CVSS3.1

CVE-2025-22394 -

Dell Display Manager, versions prior to 2.3.2.18, contain a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to code execution and possibly privilege escalation.

πŸ“… Published: Jan. 15, 2025, 4:41 a.m. πŸ”„ Last Modified: Feb. 4, 2025, 3:51 p.m.

6.6

CVSS3.1

CVE-2025-21101 -

Dell Display Manager, versions prior to 2.3.2.20, contain a race condition vulnerability. A local malicious user could potentially exploit this vulnerability during installation, leading to arbitrary folder or file deletion.

πŸ“… Published: Jan. 15, 2025, 4:36 a.m. πŸ”„ Last Modified: Feb. 4, 2025, 3:50 p.m.

6.1

CVSS3.1

CVE-2024-13334 - Car Demon <= 1.8.1 - Reflected Cross-Site Scripting

The Car Demon plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search_condition' parameter in all versions up to, and including, 1.8.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary we…

πŸ“… Published: Jan. 15, 2025, 3:22 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2025-0343 -

Swift ASN.1 can be caused to crash when parsing certain BER/DER constructions. This crash is caused by a confusion in the ASN.1 library itself which assumes that certain objects can only be provided in either constructed or primitive forms, and will trigger a preconditionFailure if that constraint …

πŸ“… Published: Jan. 15, 2025, 12:48 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.8

CVSS3.1

CVE-2024-57022 -

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "sHour" parameter in setWiFiScheduleCfg.

πŸ“… Published: Jan. 15, 2025, midnight πŸ”„ Last Modified: March 19, 2025, 2:15 p.m.

5.5

CVSS3.1

CVE-2024-57891 - sched_ext: Fix invalid irq restore in scx_ops_bypass()

In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix invalid irq restore in scx_ops_bypass() While adding outer irqsave/restore locking, 0e7ffff1b811 ("scx: Fix raciness in scx_ops_bypass()") forgot to convert an inner rq_unlock_irqrestore() to rq_unlock() which coul…

πŸ“… Published: Jan. 15, 2025, midnight πŸ”„ Last Modified: Oct. 17, 2025, 3:12 p.m.

8.8

CVSS3.1

CVE-2024-57016 -

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "user" parameter in setVpnAccountCfg.

πŸ“… Published: Jan. 15, 2025, midnight πŸ”„ Last Modified: March 24, 2025, 4:15 p.m.

6.8

CVSS3.1

CVE-2024-57023 -

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "week" parameter in setWiFiScheduleCfg.

πŸ“… Published: Jan. 15, 2025, midnight πŸ”„ Last Modified: April 7, 2025, 6:14 p.m.

7.5

CVSS3.1

CVE-2024-50954 -

The XINJE XL5E-16T and XD5E-24R-E programmable logic controllers V3.5.3b-V3.7.2a have a vulnerability in handling Modbus messages. When a TCP connection is established with the above series of controllers within a local area network (LAN), sending a specific Modbus message to the controller can cau…

πŸ“… Published: Jan. 15, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 349182
Page 7108 of 34,919
Β« previous page Β» next page
Filters