6.1

CVSS3.1

CVE-2024-37625 -

zhimengzhe iBarn v1.5 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the $search parameter at /index.php.

πŸ“… Published: June 17, 2024, midnight πŸ”„ Last Modified: Nov. 21, 2024, 9:24 a.m.

6.5

CVSS3.1

CVE-2024-36527 -

puppeteer-renderer v.3.2.0 and before is vulnerable to Directory Traversal. Attackers can exploit the URL parameter using the file protocol to read sensitive information from the server.

πŸ“… Published: June 17, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.3

CVSS3.1

CVE-2024-37661 -

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect messages.

πŸ“… Published: June 17, 2024, midnight πŸ”„ Last Modified: June 6, 2025, 5:09 p.m.

9.8

CVSS3.1

CVE-2024-36543 -

Incorrect access control in the Kafka Connect REST API in the STRIMZI Project 0.41.0 and earlier allows an attacker to deny the service for Kafka Mirroring, potentially mirror the topics' content to his Kafka cluster via a malicious connector (bypassing Kafka ACL if it exists), and potentially stea…

πŸ“… Published: June 17, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2024-4032 - Incorrect IPv4 and IPv6 private ranges

The β€œipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as β€œglobally reachable” or β€œprivate”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.…

πŸ“… Published: June 17, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.1

CVSS3.1

CVE-2024-36583 -

A Prototype Pollution issue in byondreal accessor <= 1.0.0 allows an attacker to execute arbitrary code via @byondreal/accessor/index.

πŸ“… Published: June 17, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2024-37795 -

A segmentation fault in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service (DoS) via a crafted SMT-LIB input file containing the `set-logic` command with specific formatting errors.

πŸ“… Published: June 17, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.1

CVSS3.1

CVE-2024-37623 -

Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the /kaoqin/tpl_kaoqin_locationchange.html component.

πŸ“… Published: June 17, 2024, midnight πŸ”„ Last Modified: April 30, 2025, 11:52 p.m.

6.1

CVSS3.1

CVE-2024-37624 -

Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the /chajian/inputChajian.php. component.

πŸ“… Published: June 17, 2024, midnight πŸ”„ Last Modified: March 17, 2025, 10:15 p.m.

9.8

CVSS3.1

CVE-2024-34833 -

Sourcecodester Payroll Management System v1.0 is vulnerable to File Upload. Users can upload images via the "save_settings" page. An unauthenticated attacker can leverage this functionality to upload a malicious PHP file instead. Successful exploitation of this vulnerability results in the ability …

πŸ“… Published: June 17, 2024, midnight πŸ”„ Last Modified: April 30, 2025, 4:21 p.m.
Total resulsts: 347742
Page 9280 of 34,775
Β« previous page Β» next page
Filters