5.7

CVSS3.1

CVE-2024-37895 - API Key Leak in lobe-chat

Lobe Chat is an open-source LLMs/AI chat framework. In affected versions if an attacker can successfully authenticate through SSO/Access Code, they can obtain the real backend API Key by modifying the base URL to their own attack URL on the frontend and setting up a server-side request. This issue …

πŸ“… Published: June 17, 2024, 7:28 p.m. πŸ”„ Last Modified: Oct. 8, 2025, 4:08 p.m.

10

CVSS3.1

CVE-2024-37902 - Path thraversal in DeepJavaLibrary

DeepJavaLibrary(DJL) is an Engine-Agnostic Deep Learning Framework in Java. DJL versions 0.1.0 through 0.27.0 do not prevent absolute path archived artifacts from inserting archived files directly into the system, overwriting system files. This is fixed in DJL 0.28.0 and patched in DJL Large Model …

πŸ“… Published: June 17, 2024, 7:25 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.1

CVSS4.0

CVE-2024-6059 - Ingenico Estate Manager News Feed messages cross site scripting

A vulnerability, which was classified as problematic, has been found in Ingenico Estate Manager 2023. This issue affects some unknown processing of the file /emgui/rest/ums/messages of the component News Feed. The manipulation of the argument message leads to cross site scripting. The attack may be…

πŸ“… Published: June 17, 2024, 6:31 p.m. πŸ”„ Last Modified: Nov. 21, 2024, 9:48 a.m.

0.0

CVE-2024-6093 -

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

πŸ“… Published: June 17, 2024, 6:30 p.m. πŸ”„ Last Modified: Feb. 11, 2025, 2:15 a.m.

5.3

CVSS3.1

CVE-2018-25103 - Use-after-free vulnerabilities in lighttpd <= 1.4.50

There exists use-after-free vulnerabilities in lighttpd <= 1.4.50 request parsing which might read from invalid pointers to memory used in the same request, not from other requests.

πŸ“… Published: June 17, 2024, 6:02 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.3

CVSS4.0

CVE-2024-6058 - LabVantage LIMS cross site scripting

A vulnerability classified as problematic has been found in LabVantage LIMS 2017. This affects an unknown part of the file /labvantage/rc?command=page&page=SampleHistoricalList&_iframename=list&__crc=crc_1701669816260. The manipulation of the argument height/width leads to cross site scripting. It …

πŸ“… Published: June 17, 2024, 6 p.m. πŸ”„ Last Modified: Nov. 21, 2024, 9:48 a.m.

6.3

CVSS4.0

CVE-2024-6056 - nasirkhan Laravel Starter Password Reset forgot-password observable response discrepancy

A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /forgot-password of the component Password Reset Handler. The manipulation of the argument Email leads to observable response discr…

πŸ“… Published: June 17, 2024, 5:31 p.m. πŸ”„ Last Modified: Nov. 21, 2024, 9:48 a.m.

0.0

CVE-2024-6081 -

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

πŸ“… Published: June 17, 2024, 5:02 p.m. πŸ”„ Last Modified: Feb. 11, 2025, 2:15 a.m.

3.5

CVSS3.1

CVE-2024-37159 - Evmos is missing create validator check

Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. This vulnerability allowed a user to create a validator using vested tokens to deposit the self-bond. This vulnerability is fixed in 18.0.0.

πŸ“… Published: June 17, 2024, 2:03 p.m. πŸ”„ Last Modified: July 12, 2025, 10:31 p.m.

3.5

CVSS3.1

CVE-2024-37158 - Evmos is missing precompile checks

Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. Preliminary checks on actions computed by the clawback vesting accounts are performed in the ante handler. Evmos core, implements two different ante handlers: one for Cosmos transactions and one for Ethereum transactions. Checks…

πŸ“… Published: June 17, 2024, 2:03 p.m. πŸ”„ Last Modified: July 12, 2025, 11:06 p.m.
Total resulsts: 347731
Page 9274 of 34,774
Β« previous page Β» next page
Filters