6.5

CVSS3.1

CVE-2023-30314 -

An issue discovered in 360 V6G, 360 T5G, 360 T6M, and 360 P1 routers allows attackers to hijack TCP sessions which could lead to a denial of service.

πŸ“… Published: May 28, 2024, 9:37 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.5

CVSS3.1

CVE-2024-23580 - HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of One-Time Passwords (OTPs)

HCL DRYiCE Optibot Reset Station is impacted byΒ insecure encryption of One-Time Passwords (OTPs). This could allow an attacker with access to the database to recover some or all encrypted values.

πŸ“… Published: May 28, 2024, 9:29 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.5

CVSS3.1

CVE-2024-23579 - HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of security questions

HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of security questions. This could allow an attacker with access to the database to recover some or all encrypted values.

πŸ“… Published: May 28, 2024, 9:25 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.3

CVSS3.1

CVE-2024-35226 - PHP Code Injection by malicious attribute in extends-tag in Smarty

Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. In affected versions template authors could inject php code by choosing a malicious file name for an extends-tag. Sites that cannot fully trust template authors should update asap. Al…

πŸ“… Published: May 28, 2024, 8:55 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

4.7

CVSS3.1

CVE-2024-35511 -

phpgurukul Men Salon Management System v2.0 is vulnerable to SQL Injection via the "username" parameter of /msms/admin/index.php.

πŸ“… Published: May 28, 2024, 8:35 p.m. πŸ”„ Last Modified: April 3, 2025, midnight

5.4

CVSS3.1

CVE-2024-35548 -

A SQL injection vulnerability in Mybatis plus versions below 3.5.6 allows remote attackers to obtain database information via a Boolean blind injection. NOTE: the vendor's position is that this can only occur in a misconfigured application; the documentation discusses how to develop applications th…

πŸ“… Published: May 28, 2024, 8:25 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2024-22641 -

TCPDF version 6.6.5 and before is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted SVG file.

πŸ“… Published: May 28, 2024, 8:17 p.m. πŸ”„ Last Modified: Nov. 3, 2025, 8:16 p.m.

5.4

CVSS3.1

CVE-2024-35240 - Stored Cross-site Scripting on Print Functionality in Umbraco Commerce

Umbraco Commerce is an open source dotnet ecommerce solution. In affected versions there exists a stored Cross-site scripting (XSS) issue which would enable attackers to inject malicious code into Print Functionality. This issue has been addressed in versions 12.1.4, and 10.0.5. Users are advised t…

πŸ“… Published: May 28, 2024, 8:15 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

2.7

CVSS3.1

CVE-2024-35239 - Stored Cross-site Scripting on Components of Umbraco Forms

Umbraco Commerce is an open source dotnet web forms solution. In affected versions an authenticated user that has access to edit Forms may inject unsafe code into Forms components. This issue can be mitigated by configuring TitleAndDescription:AllowUnsafeHtmlRendering after upgrading to one of the …

πŸ“… Published: May 28, 2024, 8:15 p.m. πŸ”„ Last Modified: Jan. 5, 2026, 6:59 p.m.

7.5

CVSS3.1

CVE-2023-30313 -

An issue discovered in Wavlink QUANTUM D2G routers allows attackers to hijack TCP sessions which could lead to a denial of service.

πŸ“… Published: May 28, 2024, 8:05 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 349182
Page 9647 of 34,919
Β« previous page Β» next page
Filters