5.1

CVSS3.1

CVE-2024-41781 - IBM PowerVM Hypervisor information disclosure

IBM PowerVM Platform KeyStore (IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1030.00 through FW1030.60,ย FW1050.00 throughย FW1050.20, and FW1060.00 through FW1060.10ย functionality can be compromised if an attacker gains service access to the HMC. An attacker that gains service access to the Hโ€ฆ

๐Ÿ“… Published: Nov. 22, 2024, 11:55 a.m. ๐Ÿ”„ Last Modified: Aug. 15, 2025, 5:33 p.m.

6.5

CVSS3.1

CVE-2024-51766 - HPE NonStop DISK UTIL, Local Denial of Service vulnerability

A potential security vulnerability has been identified in the HPE NonStop DISK UTIL (T9208) product. This vulnerability could be exploited to cause a denial of service (DoS) to NonStop server. It exists in all prior DISK UTIL product versions of L-series and J-series.

๐Ÿ“… Published: Nov. 22, 2024, 11:41 a.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.7

CVSS3.1

CVE-2021-30299 - Improper Input Validation in Audio

Possible out of bound access in audio module due to lack of validation of user provided input.

๐Ÿ“… Published: Nov. 22, 2024, 9:09 a.m. ๐Ÿ”„ Last Modified: Nov. 25, 2024, 7:11 p.m.

6.7

CVSS3.1

CVE-2017-9711 - Permissions, Privileges, and Access Controls in Data

Certain unprivileged processes are able to perform IOCTL calls.

๐Ÿ“… Published: Nov. 22, 2024, 9:09 a.m. ๐Ÿ”„ Last Modified: Nov. 25, 2024, 7:10 p.m.

6.5

CVSS3.1

CVE-2024-7882 - SQLi in Special Minds' e-Commerce

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Special Minds Design and Software e-Commerce allows SQL Injection.This issue affects e-Commerce: before 22.11.2024.

๐Ÿ“… Published: Nov. 22, 2024, 8:49 a.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.2

CVSS3.1

CVE-2024-7837 - SQLi in Firmanet Software's ERP

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Firmanet Software ERP allows SQL Injection.This issue affects ERP: through 22.11.2024. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

๐Ÿ“… Published: Nov. 22, 2024, 8:12 a.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.8

CVSS3.1

CVE-2024-8929 - Leak partial content of the heap through heap buffer over-read in mysqlnd

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server.

๐Ÿ“… Published: Nov. 22, 2024, 6:15 a.m. ๐Ÿ”„ Last Modified: Nov. 3, 2025, 11:17 p.m.

9.8

CVSS3.1

CVE-2024-8932 - OOB access in ldap_escape

In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape()ย function on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write.

๐Ÿ“… Published: Nov. 22, 2024, 6:03 a.m. ๐Ÿ”„ Last Modified: Nov. 3, 2025, 11:17 p.m.

6.6

CVSS3.1

CVE-2024-9422 - GEO My WordPress < 4.5 - Admin+ Arbitrary File Upload

The GEO my WP WordPress plugin before 4.5, gmw-premium-settings WordPress plugin before 3.1 does not sufficiently validate files to be uploaded, which could allow attackers to upload arbitrary files such as PHP on the server.

๐Ÿ“… Published: Nov. 22, 2024, 6 a.m. ๐Ÿ”„ Last Modified: June 9, 2025, 4:50 p.m.

4.3

CVSS3.1

CVE-2024-10666 - Easy Twitter Feed โ€“ Twitter feeds plugin for WP <= 1.2.6 - Authenticated (Contributor+) Post Exposuโ€ฆ

The Easy Twitter Feed โ€“ Twitter feeds plugin for WP plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.6 via the [etf] shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from passwโ€ฆ

๐Ÿ“… Published: Nov. 22, 2024, 5:33 a.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 349182
Page 7756 of 34,919
ยซ previous page ยป next page
Filters