5

CVSS3.1

CVE-2022-40732 -

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboot.…

πŸ“… Published: Dec. 18, 2024, 10:34 p.m. πŸ”„ Last Modified: Aug. 26, 2025, 4:11 p.m.

8.8

CVSS3.1

CVE-2024-12695 -

Out of bounds write in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

πŸ“… Published: Dec. 18, 2024, 9:42 p.m. πŸ”„ Last Modified: Feb. 11, 2025, 3:15 p.m.

8.8

CVSS3.1

CVE-2024-12694 -

Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

πŸ“… Published: Dec. 18, 2024, 9:42 p.m. πŸ”„ Last Modified: Feb. 11, 2025, 3:14 p.m.

8

CVSS3.1

CVE-2024-12693 -

Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

πŸ“… Published: Dec. 18, 2024, 9:42 p.m. πŸ”„ Last Modified: March 13, 2025, 5:15 p.m.

8.8

CVSS3.1

CVE-2024-12692 -

Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

πŸ“… Published: Dec. 18, 2024, 9:42 p.m. πŸ”„ Last Modified: Feb. 11, 2025, 3:14 p.m.

5.9

CVSS3.1

CVE-2024-56140 - Bypass of CSRF Middleware in Astro

Astro is a web framework for content-driven websites. In affected versions a bug in Astro’s CSRF-protection middleware allows requests to bypass CSRF checks. When the `security.checkOrigin` configuration option is set to `true`, Astro middleware will perform a CSRF check. However, a vulnerability e…

πŸ“… Published: Dec. 18, 2024, 8:41 p.m. πŸ”„ Last Modified: Nov. 25, 2025, 1:42 p.m.

5.3

CVSS3.1

CVE-2024-45338 - Non-linear parsing of case-insensitive content in golang.org/x/net/html

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service.

πŸ“… Published: Dec. 18, 2024, 8:38 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.3

CVSS4.0

CVE-2024-56145 - RCE when PHP `register_argc_argv` config setting is enabled in craftcms/cms

Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Users of affected versions are affected by this vulnerability if their php.ini configuration has `register_argc_argv` enabled. For these users an unspecified remote code execution vector is present…

πŸ“… Published: Dec. 18, 2024, 8:37 p.m. πŸ”„ Last Modified: Oct. 24, 2025, 2 p.m.

6.6

CVSS3.1

CVE-2024-12686 - Command Injection vulnerability in Remote Support(RS) & Privilege Remote Access (PRA)

A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user.

πŸ“… Published: Dec. 18, 2024, 8:23 p.m. πŸ”„ Last Modified: Oct. 24, 2025, 1:43 p.m.

6.5

CVSS3.1

CVE-2024-51470 - IBM MQ denial of service

IBM MQΒ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ ApplianceΒ 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25Β could allow an authenticated user to cause a denial-of-service due to messages with improperly set values.

πŸ“… Published: Dec. 18, 2024, 7:56 p.m. πŸ”„ Last Modified: Aug. 15, 2025, 6:30 p.m.
Total resulsts: 347731
Page 7273 of 34,774
Β« previous page Β» next page
Filters