6.5

CVSS3.1

CVE-2024-50924 -

Insecure permissions in Silicon Labs (SiLabs) Z-Wave Series 700 and 800 v7.21.1 allow attackers to cause disrupt communications between the controller and the device itself via repeatedly sending crafted packets to the controller.

πŸ“… Published: Dec. 10, 2024, midnight πŸ”„ Last Modified: July 1, 2025, 3:28 p.m.

9.8

CVSS3.1

CVE-2024-53480 -

Phpgurukul's Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in `login.php` via the `emailcont` parameter.

πŸ“… Published: Dec. 10, 2024, midnight πŸ”„ Last Modified: April 7, 2025, 3:17 p.m.

6.3

CVSS4.0

CVE-2024-9672 - Reflected XSS in PaperCut MF

A reflected cross-site scripting (XSS) vulnerability exists in PaperCut NG/MF. This issue can be used to execute specially created JavaScript payloads in the browser. A user must click on a malicious link for this issue to occur.

πŸ“… Published: Dec. 9, 2024, 11:49 p.m. πŸ”„ Last Modified: Jan. 30, 2025, 2:55 p.m.

9.8

CVSS3.1

CVE-2024-55638 - Drupal core - Moderately critical - Gadget chain - SA-CORE-2024-008

Deserialization of Untrusted Data vulnerability in Drupal Core allows Object Injection.This issue affects Drupal Core: from 7.0 before 7.102, from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9. Drupal core contains a chain of methods that is exploitable when an insecure deserialization vulnerabi…

πŸ“… Published: Dec. 9, 2024, 11:26 p.m. πŸ”„ Last Modified: June 2, 2025, 4:23 p.m.

9.8

CVSS3.1

CVE-2024-55637 - Drupal core - Moderately critical - Gadget chain - SA-CORE-2024-007

Deserialization of Untrusted Data vulnerability in Drupal Core allows Object Injection.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8. Drupal core contains a chain of methods that is exploitable when an insecure deserialization vulne…

πŸ“… Published: Dec. 9, 2024, 11:25 p.m. πŸ”„ Last Modified: June 2, 2025, 4:23 p.m.

9.8

CVSS3.1

CVE-2024-55636 - Drupal core - Less critical - Gadget chain - SA-CORE-2024-006

Deserialization of Untrusted Data vulnerability in Drupal Core allows Object Injection.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8. Drupal core contains a chain of methods that is exploitable when an insecure deserialization vulne…

πŸ“… Published: Dec. 9, 2024, 11:24 p.m. πŸ”„ Last Modified: June 2, 2025, 4:23 p.m.

6.1

CVSS3.1

CVE-2024-55635 - Drupal core - Critical - Cross Site Scripting - SA-CORE-2024-005

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Drupal Core allows Cross-Site Scripting (XSS).This issue affects Drupal Core: from 7.0 before 7.102.

πŸ“… Published: Dec. 9, 2024, 11:23 p.m. πŸ”„ Last Modified: June 2, 2025, 4:22 p.m.

8.1

CVSS3.1

CVE-2024-55634 - Drupal core - Moderately critical - Access bypass - SA-CORE-2024-004

A vulnerability in Drupal Core allows Privilege Escalation.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8.

πŸ“… Published: Dec. 9, 2024, 11:21 p.m. πŸ”„ Last Modified: June 2, 2025, 4:21 p.m.

5.4

CVSS3.1

CVE-2024-12393 - Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2024-003

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Drupal Core allows Cross-Site Scripting (XSS).This issue affects Drupal Core: from 8.8.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8.

πŸ“… Published: Dec. 9, 2024, 11:20 p.m. πŸ”„ Last Modified: June 2, 2025, 4:21 p.m.

2.7

CVSS3.1

CVE-2024-12174 -

An Improper Certificate Validation vulnerability exists in Tenable Security Center where an authenticated, privileged attacker could intercept email messages sent from Security Center via a rogue SMTP server.

πŸ“… Published: Dec. 9, 2024, 9:38 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 346575
Page 7300 of 34,658
Β« previous page Β» next page
Filters