8.6

CVSS3.1

CVE-2024-57767 -

MSFM before v2025.01.01 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /file/download.

๐Ÿ“… Published: Jan. 14, 2025, midnight ๐Ÿ”„ Last Modified: April 10, 2025, 3:37 p.m.

7.5

CVSS3.1

CVE-2024-57632 -

An issue in the is_column_unique component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

๐Ÿ“… Published: Jan. 14, 2025, midnight ๐Ÿ”„ Last Modified: April 10, 2025, 6:13 p.m.

5.4

CVSS3.1

CVE-2025-23018 - networkmanager: 4in6 and 6in6 protocols excessive trust

IPv4-in-IPv6 and IPv6-in-IPv6 tunneling (RFC 2473) do not require the validation or verification of the source of a network packet, allowing an attacker to spoof and route arbitrary traffic via an exposed network interface. This is a similar issue to CVE-2020-10136.

๐Ÿ“… Published: Jan. 14, 2025, midnight ๐Ÿ”„ Last Modified: Nov. 3, 2025, 9:19 p.m.

7.5

CVSS3.1

CVE-2024-57644 - virtuoso-opensource: DoS in itc_hash_compare

An issue in the itc_hash_compare component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

๐Ÿ“… Published: Jan. 14, 2025, midnight ๐Ÿ”„ Last Modified: April 17, 2025, 4:47 p.m.

7.5

CVSS3.1

CVE-2024-57650 - virtuoso-opensource: DoS in qi_inst_state_free

An issue in the qi_inst_state_free component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

๐Ÿ“… Published: Jan. 14, 2025, midnight ๐Ÿ”„ Last Modified: April 17, 2025, 4:47 p.m.

7.5

CVSS3.1

CVE-2024-57641 - virtuoso-opensource: DoS in sqlexp

An issue in the sqlexp component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

๐Ÿ“… Published: Jan. 14, 2025, midnight ๐Ÿ”„ Last Modified: April 17, 2025, 4:47 p.m.

7.5

CVSS3.1

CVE-2024-57634 -

An issue in the exp_copy component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

๐Ÿ“… Published: Jan. 14, 2025, midnight ๐Ÿ”„ Last Modified: April 10, 2025, 6:13 p.m.

5.8

CVSS3.1

CVE-2024-56374 - django: potential denial-of-service vulnerability in IPv6 validation

An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions clean_ipv6_address and is_โ€ฆ

๐Ÿ“… Published: Jan. 14, 2025, midnight ๐Ÿ”„ Last Modified: Oct. 3, 2025, 1:16 p.m.

6.4

CVSS4.0

CVE-2025-23038 - Cross-Site Scripting (XSS) Stored endpoint 'remuneracao.php ' parameter 'descricao' in WeGIA

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `remuneracao.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into โ€ฆ

๐Ÿ“… Published: Jan. 13, 2025, 11:35 p.m. ๐Ÿ”„ Last Modified: Feb. 13, 2025, 7:02 p.m.

6.4

CVSS4.0

CVE-2025-23030 - Cross-Site Scripting (XSS) Reflected endpoint 'cadastro_funcionario.php' parameter 'cpf' in WeGIA

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `cadastro_funcionario.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious sโ€ฆ

๐Ÿ“… Published: Jan. 13, 2025, 11:34 p.m. ๐Ÿ”„ Last Modified: Feb. 13, 2025, 7:43 p.m.
Total resulsts: 349182
Page 7163 of 34,919
ยซ previous page ยป next page
Filters