8.8

CVSS3.1

CVE-2024-9420 -

A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker to achieve remote code execution

๐Ÿ“… Published: Nov. 12, 2024, 3:57 p.m. ๐Ÿ”„ Last Modified: March 13, 2025, 4:15 p.m.

4.9

CVSS3.1

CVE-2024-47905 -

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service.

๐Ÿ“… Published: Nov. 12, 2024, 3:56 p.m. ๐Ÿ”„ Last Modified: Nov. 18, 2024, 3:08 p.m.

9.8

CVSS3.1

CVE-2024-52297 - Tolgee's configuration all configuration properties leaked in public configuration DTO

Tolgee is an open-source localization platform. Tolgee 3.81.1 included the all configuration properties in the PublicConfiguratioDTO publicly exposed to users. This vulnerability is fixed in v3.81.2.

๐Ÿ“… Published: Nov. 12, 2024, 3:54 p.m. ๐Ÿ”„ Last Modified: Sept. 11, 2025, 9:27 p.m.

4.3

CVSS3.1

CVE-2024-10971 -

Improper access control in the Password History feature in Devolutions DVLS 2024.3.6 and earlier allows a malicious authenticated user to obtain sensitive data via faulty permission.

๐Ÿ“… Published: Nov. 12, 2024, 3:52 p.m. ๐Ÿ”„ Last Modified: June 27, 2025, 6:47 p.m.

5.5

CVSS3.1

CVE-2024-47535 - Denial of Service attack on windows app using Netty

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts toโ€ฆ

๐Ÿ“… Published: Nov. 12, 2024, 3:50 p.m. ๐Ÿ”„ Last Modified: Sept. 5, 2025, 2 p.m.

9

CVSS3.1

CVE-2024-43415 - Decidim-Awesome: SQL injection in AdminAccountability

An improper neutralization of special elements used in an SQL command in the papertrail/version- model of the decidim_awesome-module <= v0.11.1 (> 0.9.0) allows an authenticated admin user to manipulate sql queries to disclose information, read and write files or execute commands.

๐Ÿ“… Published: Nov. 12, 2024, 3:45 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.8

CVSS3.1

CVE-2024-50330 -

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Updateย allows a remote unauthenticated attacker to achieve remote code execution.

๐Ÿ“… Published: Nov. 12, 2024, 3:42 p.m. ๐Ÿ”„ Last Modified: April 23, 2025, 9:29 p.m.

8.8

CVSS3.1

CVE-2024-50329 -

Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Updateย allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required.

๐Ÿ“… Published: Nov. 12, 2024, 3:41 p.m. ๐Ÿ”„ Last Modified: Nov. 19, 2024, 4:56 a.m.

7.2

CVSS3.1

CVE-2024-50328 -

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Updateย allows a remote authenticated attacker with admin privileges to achieve remote code execution.

๐Ÿ“… Published: Nov. 12, 2024, 3:41 p.m. ๐Ÿ”„ Last Modified: Nov. 19, 2024, 4:55 a.m.

7.2

CVSS3.1

CVE-2024-50327 -

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Updateย allows a remote authenticated attacker with admin privileges to achieve remote code execution.

๐Ÿ“… Published: Nov. 12, 2024, 3:40 p.m. ๐Ÿ”„ Last Modified: Nov. 19, 2024, 4:55 a.m.
Total resulsts: 345195
Page 7532 of 34,520
ยซ previous page ยป next page
Filters