4.2

CVSS3.1

CVE-2024-4561 - WhatsUp Gold Server-Side Request Forgery Information Disclosure Vulnerability via FaviconController

In WhatsUp Gold versions released before 2023.1.2 , a blind SSRF vulnerability exists in Whatsup Gold's FaviconController that allows an attacker to send arbitrary HTTP requests on behalf of the vulnerable server.

πŸ“… Published: May 14, 2024, 8:35 p.m. πŸ”„ Last Modified: Dec. 9, 2024, 1:31 p.m.

8.1

CVSS3.1

CVE-2020-26312 - GHSL-2020-254: Arbitrary file read and/or write in dotmesh

Dotmesh is a git-like command-line interface for capturing, organizing and sharing application states. In versions 0.8.1 and prior, the unsafe handling of symbolic links in an unpacking routine may enable attackers to read and/or write to arbitrary locations outside the designated target folder. …

πŸ“… Published: May 14, 2024, 8:22 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.2

CVSS3.1

CVE-2022-28132 -

The T-Soft E-Commerce 4 web application is susceptible to SQL injection (SQLi) attacks when authenticated as an admin or privileged user. This vulnerability allows attackers to access and manipulate the database through crafted requests. By exploiting this flaw, attackers can bypass authentication …

πŸ“… Published: May 14, 2024, 8:20 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.8

CVSS3.1

CVE-2024-31556 -

An issue in Reportico Web before v.8.1.0 allows a local attacker to execute arbitrary code and obtain sensitive information via the sessionid function.

πŸ“… Published: May 14, 2024, 8:15 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.2

CVSS3.1

CVE-2021-22280 - DLL Hijacking Vulnerability in Automation Studio

Improper DLL loading algorithms in B&R Automation Studio versions >=4.0 and <4.12 may allow an authenticated local attacker to execute code in the context of the product.

πŸ“… Published: May 14, 2024, 7:36 p.m. πŸ”„ Last Modified: Dec. 19, 2025, 2:48 p.m.

7.5

CVSS3.1

CVE-2024-3676 -

The Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains an Improper Input Validation vulnerability that allows an unauthenticated remote attacker with a specially crafted HTTP request to create additional Encryption user accounts under the attacker's control.Β  These accounts…

πŸ“… Published: May 14, 2024, 7:07 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5

CVSS3.1

CVE-2024-0862 -

The Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains a Server-Side Request Forgery vulnerability that allows an authenticated user to relay HTTP requests from the Protection server to otherwise private network addresses.

πŸ“… Published: May 14, 2024, 7:07 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.2

CVSS3.1

CVE-2024-2637 - Insecure Loading of Code in B&R Products

An Uncontrolled Search Path Element vulnerabilityΒ in B&R Industrial Automation Scene Viewer, B&R Industrial Automation Automation Runtime, B&R Industrial Automation mapp Vision, B&R Industrial Automation mapp View, B&R Industrial Automation mapp Cockpit, B&R Industrial Automation mapp Safety, B&R I…

πŸ“… Published: May 14, 2024, 6:49 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

0.0

CVE-2024-4880 -

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

πŸ“… Published: May 14, 2024, 6:02 p.m. πŸ”„ Last Modified: Feb. 11, 2025, 2:15 a.m.

9.8

CVSS3.1

CVE-2024-33485 -

SQL Injection vulnerability in CASAP Automated Enrollment System using PHP/MySQLi with Source Code V1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the login.php component

πŸ“… Published: May 14, 2024, 5:59 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 344718
Page 9413 of 34,472
Β« previous page Β» next page
Filters