6.8

CVSS3.1

CVE-2024-48747 -

An issue in alist-tvbox v1.7.1 allows a remote attacker to execute arbitrary code via the /atv-cli file.

πŸ“… Published: Nov. 21, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.1

CVSS3.1

CVE-2024-45517 -

An issue was discovered in Zimbra Collaboration (ZCS) through 10.1. A Cross-Site Scripting (XSS) vulnerability in the /h/rest endpoint of the Zimbra webmail and admin panel interfaces allows attackers to execute arbitrary JavaScript in the victim's session. This issue is caused by improper sanitiza…

πŸ“… Published: Nov. 21, 2024, midnight πŸ”„ Last Modified: June 11, 2025, 9:17 p.m.

5.5

CVSS3.1

CVE-2024-53091 - bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx

In the Linux kernel, the following vulnerability has been resolved: bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx As the introduction of the support for vsock and unix sockets in sockmap, tls_sw_has_ctx_tx/rx cannot presume the socket passed in must be IS_ICSK. vsock and af_unix s…

πŸ“… Published: Nov. 21, 2024, midnight πŸ”„ Last Modified: Oct. 1, 2025, 9:16 p.m.

9.8

CVSS3.1

CVE-2024-51367 -

An arbitrary file upload vulnerability in the component \Users\username.BlackBoard of BlackBoard v2.0.0.2 allows attackers to execute arbitrary code via uploading a crafted .xml file.

πŸ“… Published: Nov. 21, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.5

CVSS3.1

CVE-2024-53089 - LoongArch: KVM: Mark hrtimer to expire in hard interrupt context

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Mark hrtimer to expire in hard interrupt context Like commit 2c0d278f3293f ("KVM: LAPIC: Mark hrtimer to expire in hard interrupt context") and commit 9090825fa9974 ("KVM: arm/arm64: Let the timer expire in hardir…

πŸ“… Published: Nov. 21, 2024, midnight πŸ”„ Last Modified: Oct. 1, 2025, 9:16 p.m.

8

CVSS3.1

CVE-2024-48286 -

Linksys E3000 1.0.06.002_US is vulnerable to command injection via the diag_ping_start function.

πŸ“… Published: Nov. 21, 2024, midnight πŸ”„ Last Modified: June 30, 2025, 3:15 p.m.

3.5

CVSS3.1

CVE-2024-51337 -

Cross Site Scripting vulnerability in Gibbon before v.27.0.01 and fixed in v.28.0.00 allows a remote attacker to obtain sensitive information via the email parameter found in /Gibbon/modules/User Admin/user_manage_editProcess.php.

πŸ“… Published: Nov. 21, 2024, midnight πŸ”„ Last Modified: July 17, 2025, 5:30 p.m.

6.3

CVSS3.1

CVE-2024-53333 -

TOTOLINK EX200 v4.0.3c.7646_B20201211 was found to contain a command insertion vulnerability in the setUssd function. This vulnerability allows an attacker to execute arbitrary commands via the "ussd" parameter.

πŸ“… Published: Nov. 21, 2024, midnight πŸ”„ Last Modified: April 4, 2025, 2:40 p.m.

6.1

CVSS3.1

CVE-2024-45514 -

An issue was discovered in Zimbra Collaboration (ZCS) through v10.1. A Cross-Site Scripting (XSS) vulnerability exists in one of the endpoints of Zimbra Webmail due to insufficient sanitization of the packages parameter. Attackers can bypass the existing checks by using encoded characters, allowing…

πŸ“… Published: Nov. 21, 2024, midnight πŸ”„ Last Modified: June 11, 2025, 9:17 p.m.

5.5

CVSS3.1

CVE-2024-53090 - afs: Fix lock recursion

In the Linux kernel, the following vulnerability has been resolved: afs: Fix lock recursion afs_wake_up_async_call() can incur lock recursion. The problem is that it is called from AF_RXRPC whilst holding the ->notify_lock, but it tries to take a ref on the afs_call struct in order to pass it to…

πŸ“… Published: Nov. 21, 2024, midnight πŸ”„ Last Modified: Jan. 5, 2026, 10:55 a.m.
Total resulsts: 349182
Page 7772 of 34,919
Β« previous page Β» next page
Filters