7.5

CVSS3.1

CVE-2024-4438 - Etcd: incomplete fix for cve-2023-39325/cve-2023-44487 in openstack platform

The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2023-39325/CVE-2023-44487, known as Rapid Reset. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat …

πŸ“… Published: May 6, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2024-34538 -

Mateso PasswordSafe through 8.13.9.26689 has Weak Cryptography.

πŸ“… Published: May 6, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

8

CVSS3.1

CVE-2024-33788 -

Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the PinCode parameter at /API/info form endpoint.

πŸ“… Published: May 6, 2024, midnight πŸ”„ Last Modified: June 11, 2025, 3:39 p.m.

8.8

CVSS3.1

CVE-2024-30973 -

An issue in V-SOL G/EPON ONU HG323AC-B with firmware version V2.0.08-210715 allows an attacker to execute arbtirary code and obtain sensitive information via crafted POST request to /boaform/getASPdata/formFirewall, /boaform/getASPdata/formAcc.

πŸ“… Published: May 6, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.1

CVSS3.1

CVE-2024-33749 -

DedeCMS V5.7.114 is vulnerable to deletion of any file via mail_file_manage.php.

πŸ“… Published: May 6, 2024, midnight πŸ”„ Last Modified: April 1, 2025, 6:05 p.m.

8.6

CVSS3.1

CVE-2024-34470 -

An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An Unauthenticated Path Traversal vulnerability exists in the /public/loader.php file. The path parameter does not properly filter whether the file and directory passed are part of the webroot, allowing an attacker to read arbi…

πŸ“… Published: May 6, 2024, midnight πŸ”„ Last Modified: June 17, 2025, 4:23 p.m.

6.2

CVSS3.1

CVE-2024-34250 -

A heap buffer overflow vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to cause at least a denial of service via the "wasm_loader_check_br" function in core/iwasm/interpreter/wasm_loader.c.

πŸ“… Published: May 6, 2024, midnight πŸ”„ Last Modified: June 13, 2025, 1:10 p.m.

7.3

CVSS3.1

CVE-2024-34533 -

A SQL injection vulnerability in ZI PT Solusi Usaha Mudah Analytic Data Query module (aka izi_data) 11.0 through 17.x before 17.0.3 allows a remote attacker to gain privileges via a query to IZITools::query_check, IZITools::query_fetch, or IZITools::query_execute.

πŸ“… Published: May 6, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.3

CVSS3.1

CVE-2024-34093 -

An issue was discovered in Archer Platform 6 before 2024.03. There is an X-Forwarded-For Header Bypass vulnerability. An unauthenticated attacker could potentially bypass intended whitelisting when X-Forwarded-For header is enabled.

πŸ“… Published: May 6, 2024, midnight πŸ”„ Last Modified: March 18, 2025, 3:26 p.m.

7.5

CVSS3.1

CVE-2024-4436 - Etcd: incomplete fix for cve-2022-41723 in openstack platform

The etcd package distributed with the Red Hat OpenStack platform has an incomplete fix for CVE-2022-41723. This issue occurs because the etcd package in the Red Hat OpenStack platform is using http://golang.org/x/net/http2 instead of the one provided by Red Hat Enterprise Linux versions, meaning it…

πŸ“… Published: May 6, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 349182
Page 9981 of 34,919
Β« previous page Β» next page
Filters