4.3
CVE-2024-48900 - Moodle: IDOR when accessing list of badge recipients
A vulnerability was found in Moodle. Additional checks are required to ensure users with permission to view badge recipients can only access lists of those they are intended to have access to.
5.3
CVE-2024-49505 - XSS vulnerability found in openSUSE MirrorCache
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in openSUSE Tumbleweed MirrorCache allows the execution of arbitrary JS via reflected XSS in the REGEX and P parameters. This issue affects MirrorCache before 1.083.
5.7
CVE-2024-11165 -
An information disclosure vulnerability exists in the backup configuration process where the SAS token is not masked in the configuration response. This oversight results in sensitive information leakage within the yb_backup log files, exposing the SAS token in plaintext. The leakage occurs during …
7.3
CVE-2024-49506 - Fixed temporary file path in aeon-checks allows fixing of disk encryption key
Insecure creation of temporary files allows local users on systems with non-default configurations to cause denial of service or set the encryption key for a filesystem.
5.3
CVE-2024-11159 - thunderbird: Potential disclosure of plaintext in OpenPGP encrypted message
Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird < 128.4.3 and Thunderbird < 132.0.1.
7.5
CVE-2024-48989 -
A vulnerability in the PROFINET stack implementation of the IndraDrive (all versions) of Bosch Rexroth allows an attacker to cause a denial of service, rendering the device unresponsive by sending arbitrary UDP messages.
8.5
CVE-2022-45157 - Exposure of vSphere's CPI and CSI credentials in Rancher
A vulnerability has been identified in the way that Rancher stores vSphere's CPI (Cloud Provider Interface) and CSI (Container Storage Interface) credentials used to deploy clusters through the vSphere cloud provider. This issue leads to the vSphere CPI and CSI passwords being stored in a plaintext…
0.0
CVE-2024-11177 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
7.4
CVE-2024-47574 -
An authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version 7.4.0, versions 7.2.4 through 7.2.0, versions 7.0.12 through 7.0.0, and 6.4.10 through 6.4.0 allows a low-privilege attacker to execute arbitrary code with high privilege via spoofed named pipe messages.
6.9
CVE-2024-8001 - VIWIS LMS Print authorization
A vulnerability was found in VIWIS LMS 9.11. It has been classified as critical. Affected is an unknown function of the component Print Handler. The manipulation leads to missing authorization. It is possible to launch the attack remotely. A user with the role learner can use the administrative pri…