7.5

CVSS3.1

CVE-2024-51175 -

An issue in H3C switch h3c-S1526 allows a remote attacker to obtain sensitive information via the S1526.cfg component.

πŸ“… Published: Dec. 17, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.1

CVSS3.1

CVE-2024-31668 -

rizin before v0.6.3 is vulnerable to Improper Neutralization of Special Elements via meta_set function in librz/analysis/meta.

πŸ“… Published: Dec. 17, 2024, midnight πŸ”„ Last Modified: July 3, 2025, 12:30 a.m.

9.1

CVSS3.1

CVE-2024-54662 -

Dante 1.4.0 through 1.4.3 (fixed in 1.4.4) has incorrect access control for some sockd.conf configurations involving socksmethod.

πŸ“… Published: Dec. 17, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.3

CVSS3.1

CVE-2024-55514 -

A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component affected by this issue is /upload_sfmig.php on the web interface. By crafting a suitable form name, arbitrary files can be uploaded, potentially leading to unauthorized access to server permissions.

πŸ“… Published: Dec. 17, 2024, midnight πŸ”„ Last Modified: April 28, 2025, 5:13 p.m.

7.3

CVSS3.1

CVE-2024-49194 -

Databricks JDBC Driver 2.x before 2.6.40 could potentially allow remote code execution (RCE) by triggering a JNDI injection via a JDBC URL parameter. The vulnerability is rooted in the improper handling of the krbJAASFile parameter. An attacker could potentially exploit this vulnerability to achiev…

πŸ“… Published: Dec. 17, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

4.3

CVSS3.1

CVE-2024-55058 -

An insecure direct object reference (IDOR) vulnerability was discovered in PHPGurukul Online Birth Certificate System v1.0. This vulnerability resides in the viewid parameter of /user/view-application-detail.php. Authenticated users can exploit this flaw by manipulating the viewid parameter in the …

πŸ“… Published: Dec. 17, 2024, midnight πŸ”„ Last Modified: March 27, 2025, 4:23 p.m.

5.4

CVSS3.1

CVE-2024-55057 -

Phpgurukul Online Birth Certificate System 1.0 suffers from insufficient password requirements which can lead to unauthorized access to user accounts.

πŸ“… Published: Dec. 17, 2024, midnight πŸ”„ Last Modified: March 27, 2025, 4:18 p.m.

6.1

CVSS3.1

CVE-2024-55059 -

A stored HTML Injection vulnerability was identified in PHPGurukul Online Birth Certificate System v1.0 in /user/certificate-form.php.

πŸ“… Published: Dec. 17, 2024, midnight πŸ”„ Last Modified: March 27, 2025, 4:24 p.m.

6.4

CVSS3.1

CVE-2024-11906 - TPG Get Posts <= 3.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

The TPG Get Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tpg_get_posts' shortcode in all versions up to, and including, 3.6.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated…

πŸ“… Published: Dec. 16, 2024, 11:24 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.4

CVSS3.1

CVE-2024-11905 - Animated Counters <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Animated Counters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'animatedcounte' shortcode in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authentica…

πŸ“… Published: Dec. 16, 2024, 11:24 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 349182
Page 7439 of 34,919
Β« previous page Β» next page
Filters