5.3

CVSS3.1

CVE-2024-53253 - Sentry's improper error handling leaks Application Integration Client Secret

Sentry is an error tracking and performance monitoring platform. Version 24.11.0, and only version 24.11.0, is vulnerable to a scenario where a specific error message generated by the Sentry platform could include a plaintext Client ID and Client Secret for an application integration. The Client ID…

📅 Published: Nov. 22, 2024, 7:58 p.m. 🔄 Last Modified: Sept. 15, 2025, 6:03 p.m.

5.5

CVSS3.1

CVE-2024-52998 - Substance3D - Stager | Out-of-bounds Read (CWE-125)

Substance3D - Stager versions 3.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a vic…

📅 Published: Nov. 22, 2024, 7:11 p.m. 🔄 Last Modified: Dec. 3, 2024, 2:32 p.m.

6.9

CVSS4.0

CVE-2024-11618 - IPC Unigy Management System HTTP Request server-side request forgery

A vulnerability classified as critical was found in IPC Unigy Management System 04.03.00.08.0027. Affected by this vulnerability is an unknown functionality of the component HTTP Request Handler. The manipulation leads to server-side request forgery. The attack can be launched remotely. The exploit…

📅 Published: Nov. 22, 2024, 7 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

0.0

CVE-2024-11637 -

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.

📅 Published: Nov. 22, 2024, 6:24 p.m. 🔄 Last Modified: Jan. 14, 2025, 2:15 a.m.

2.8

CVSS3.1

CVE-2024-52814 - Helm Lacks Granularity in Workflow Role

Argo Helm is a collection of community-maintained charts for `argoproj.github.io` projects. Prior to version 0.45.0, the `workflow-role` lacks granularity in its privileges, giving permissions to `workflowtasksets` and `workflowartifactgctasks` to all workflow Pods, when only certain types of Pods…

📅 Published: Nov. 22, 2024, 3:53 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2024-52804 - Tornado has HTTP cookie parsing DoS vulnerability

Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in the …

📅 Published: Nov. 22, 2024, 3:43 p.m. 🔄 Last Modified: Nov. 3, 2025, 11:17 p.m.

7.5

CVSS3.1

CVE-2024-52802 - RIOT-OS missing dhcpv6_opt_t minimum header length check

RIOT is an operating system for internet of things (IoT) devices. In version 2024.04 and prior, the function `_parse_advertise`, located in `/sys/net/application_layer/dhcpv6/client.c`, has no minimum header length check for `dhcpv6_opt_t` after processing `dhcpv6_msg_t`. This omission could lead t…

📅 Published: Nov. 22, 2024, 3:41 p.m. 🔄 Last Modified: Sept. 4, 2025, 11:42 p.m.

5.1

CVSS4.0

CVE-2024-52793 - XSS vulnerability in serveDir API of @std/http/file-server on POSIX systems

The Deno Standard Library provides APIs for Deno and the Web. Prior to version 1.0.11, `http/file-server`'s `serveDir` with `showDirListing: true` option is vulnerable to cross-site scripting when the attacker is a user who can control file names in the source directory on systems with POSIX file n…

📅 Published: Nov. 22, 2024, 3:37 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

5.1

CVSS4.0

CVE-2024-10863 - Client-side audit exclusion vulnerability

Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation. This issue affects Secure Content Manager: from 10.1 before <24.4. End-users can potentially exploit the vulnerability to exclude audit trails from being recorded on the client side.

📅 Published: Nov. 22, 2024, 3:36 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

8.8

CVSS3.1

CVE-2021-38116 - Possible Command injection Vulnerability in OpenText iManager

Possible Elevation of Privilege Vulnerability in iManager has been discovered in OpenText™ iManager. This impacts all versions before 3.2.5.

📅 Published: Nov. 22, 2024, 3:34 p.m. 🔄 Last Modified: April 10, 2025, 6:39 p.m.