7.2

CVSS3.1

CVE-2024-54181 - IBM WebSphere Automation command injection

IBM WebSphere Automation 1.7.5 could allow a remote privileged user, who has authorized access to the swagger UI, to execute arbitrary code. Using specially crafted input, the user could exploit this vulnerability to execute arbitrary code on the system.

πŸ“… Published: Dec. 30, 2024, 1:41 p.m. πŸ”„ Last Modified: March 28, 2025, 4:32 p.m.

9.3

CVSS3.0

CVE-2024-10044 - SSRF in POST /worker_generate_stream API endpoint in lm-sys/fastchat

A Server-Side Request Forgery (SSRF) vulnerability exists in the POST /worker_generate_stream API endpoint of the Controller API Server in lm-sys/fastchat, as of commit e208d5677c6837d590b81cb03847c0b9de100765. This vulnerability allows attackers to exploit the victim controller API server's creden…

πŸ“… Published: Dec. 30, 2024, 11:47 a.m. πŸ”„ Last Modified: July 29, 2025, 11:26 p.m.

4.8

CVSS4.0

CVE-2024-12993 - Location information exposure in Infinix Weather app

Infinix devices contain a pre-loaded "com.rlk.weathers" application, that exposes an unsecured content provider. An attacker can communicate with the provider and reveal the user’s location without any privileges.Β  After multiple attempts to contact the vendor we did not receive any answer. We supp…

πŸ“… Published: Dec. 30, 2024, 11:01 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.8

CVSS3.1

CVE-2024-47926 - Tecnick TCExam – CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL I…

Tecnick TCExam – CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

πŸ“… Published: Dec. 30, 2024, 10:06 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2024-47925 - Tecnick TCExam – Multiple CWE-79: Improper Neutralization of Input During Web Page Generation ('Cro…

Tecnick TCExam – Multiple CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

πŸ“… Published: Dec. 30, 2024, 10:05 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2024-47924 - Boa web server – CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site S…

Boa web server – CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

πŸ“… Published: Dec. 30, 2024, 10:04 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.3

CVSS3.1

CVE-2024-47923 - Mashov – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

Mashov – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

πŸ“… Published: Dec. 30, 2024, 9:52 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2024-47922 - Priority – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

Priority – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

πŸ“… Published: Dec. 30, 2024, 9:50 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.4

CVSS3.1

CVE-2024-47921 - Smadar SPS – CWE-327: Use of a Broken or Risky Cryptographic Algorithm

Smadar SPS – CWE-327: Use of a Broken or Risky Cryptographic Algorithm

πŸ“… Published: Dec. 30, 2024, 9:47 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2024-47920 - Tiki Wiki CMS – CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Sc…

Tiki Wiki CMS – CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

πŸ“… Published: Dec. 30, 2024, 9:46 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 348415
Page 7254 of 34,842
Β« previous page Β» next page
Filters