6.7

CVSS3.1

CVE-2024-27379 -

An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_subscribe_get_nl_params(), there is no input validation check on hal_req->num_intf_addr_present coming from userspace, which can lead to a heap overwrite.

πŸ“… Published: June 5, 2024, 6:28 p.m. πŸ”„ Last Modified: March 29, 2025, 12:15 a.m.

8.5

CVSS4.0

CVE-2024-5184 - Prompt Injection in EmailGPT

The EmailGPT service contains a prompt injection vulnerability.Β The service uses an API service that allows a malicious user to inject a direct prompt and take over the service logic. Attackers can exploit the issue by forcing the AI service to leak the standard hard-coded system prompts and/or exe…

πŸ“… Published: June 5, 2024, 5:52 p.m. πŸ”„ Last Modified: Nov. 21, 2024, 9:47 a.m.

7.5

CVSS3.1

CVE-2024-5037 - Openshift/telemeter: iss check during jwt authentication can be bypassed

A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can use a forged token to bypass the issue ("iss") check during JSON web token (JWT) authentication.

πŸ“… Published: June 5, 2024, 5:51 p.m. πŸ”„ Last Modified: April 18, 2026, 3:11 p.m.

7.3

CVSS4.0

CVE-2024-4009 - Replay Attack in KNX Secure Devices

Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to capture/replay KNX telegram to local KNX Bus-System

πŸ“… Published: June 5, 2024, 5:19 p.m. πŸ”„ Last Modified: March 27, 2025, 9:15 p.m.

7.3

CVSS4.0

CVE-2024-4008 - FDSK Leak in KNX Secure Devices

FDSK Leak in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows attacker to take control via access to local KNX Bus-System

πŸ“… Published: June 5, 2024, 5:15 p.m. πŸ”„ Last Modified: Sept. 17, 2025, 6:15 a.m.

4.3

CVSS3.1

CVE-2024-35674 - WordPress Unlimited Elements For Elementor plugin <= 1.5.109 - Broken Access Control vulnerability

Missing Authorization vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) unlimited-elements-for-elementor.This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through <= 1.5.109.

πŸ“… Published: June 5, 2024, 4:19 p.m. πŸ”„ Last Modified: April 23, 2026, 3:18 p.m.

4.8

CVSS3.1

CVE-2024-20405 -

A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a stored XSS attack by exploiting an RFI vulnerability. This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that a…

πŸ“… Published: June 5, 2024, 4:15 p.m. πŸ”„ Last Modified: Nov. 21, 2024, 8:52 a.m.

7.2

CVSS3.1

CVE-2024-20404 -

A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct an SSRF attack on an affected system. This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affec…

πŸ“… Published: June 5, 2024, 4:14 p.m. πŸ”„ Last Modified: Nov. 21, 2024, 8:52 a.m.

4.3

CVSS3.1

CVE-2024-35673 - WordPress Pure Chat plugin <= 2.22 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Pure Chat by Ruby Pure Chat.This issue affects Pure Chat: from n/a through 2.22.

πŸ“… Published: June 5, 2024, 1:22 p.m. πŸ”„ Last Modified: Nov. 21, 2024, 9:20 a.m.

6.1

CVSS3.1

CVE-2024-3469 - GP Premium <= 2.4.0 - Reflected Cross-Site Scripting

The GP Premium plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the message parameter in all versions up to, and including, 2.4.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts …

πŸ“… Published: June 5, 2024, 12:45 p.m. πŸ”„ Last Modified: April 8, 2026, 4:38 p.m.
Total resulsts: 349182
Page 9576 of 34,919
Β« previous page Β» next page
Filters