7.5
CVE-2024-52920 -
Bitcoin Core before 0.20.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed GETDATA message.
7.5
CVE-2024-52914 -
In Bitcoin Core before 0.18.0, a node could be stalled for hours when processing the orphans of a crafted unconfirmed transaction.
9.8
CVE-2024-50919 -
Jpress until v5.1.1 has arbitrary file uploads on the windows platform, and the construction of non-standard file formats such as .jsp. can lead to arbitrary command execution
5.4
CVE-2024-52943 -
An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24697. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting (XSS) while viewing archived content. This could reflect back to an authenticated user wβ¦
7.8
CVE-2024-52945 -
An issue was discovered in Veritas NetBackup before 10.5. This only applies to NetBackup components running on a Windows Operating System. If a user executes specific NetBackup commands or an attacker uses social engineering techniques to impel the user to execute the commands, a malicious DLL coulβ¦
5.3
CVE-2024-52921 -
In Bitcoin Core before 25.0, a peer can affect the download state of other peers by sending a mutated block.
6.5
CVE-2024-52917 -
Bitcoin Core before 22.0 has a miniupnp infinite loop in which it allocates memory on the basis of random data received over the network, e.g., large M-SEARCH replies from a fake UPnP device.
5.4
CVE-2024-52944 -
An issue was discovered in Veritas Enterprise Vault before 15.1 UPD882911, ZDI-CAN-24698. It allows an authenticated remote attacker to inject a parameter into an HTTP request, allowing for Cross-Site Scripting while viewing archived content. This could reflect back to an authenticated user withoutβ¦
7.5
CVE-2023-49952 -
Mastodon 4.1.x before 4.1.17 and 4.2.x before 4.2.9 allows a bypass of rate limiting via a crafted HTTP request header.
7.5
CVE-2024-44757 -
An arbitrary file download vulnerability in the component /Basics/DownloadInpFile of NUS-M9 ERP Management Software v3.0.0 allows attackers to download arbitrary files and access sensitive information via a crafted interface request.