7.5

CVSS3.1

CVE-2024-48310 -

AutoLib Software Systems OPAC v20.10 was discovered to have multiple API keys exposed within the source code. Attackers may use these keys to access the backend API or other sensitive information.

๐Ÿ“… Published: Jan. 28, 2025, midnight ๐Ÿ”„ Last Modified: March 25, 2025, 2:15 p.m.

8.8

CVSS3.1

CVE-2024-57376 -

Buffer Overflow vulnerability in D-Link DSR-150, DSR-150N, DSR-250, DSR-250N, DSR-500N, DSR-1000N from 3.13 to 3.17B901C allows unauthenticated users to execute remote code execution.

๐Ÿ“… Published: Jan. 28, 2025, midnight ๐Ÿ”„ Last Modified: July 1, 2025, 3:15 p.m.

5.2

CVSS3.1

CVE-2024-45775 - Grub2: commands/extcmd: missing check for failed allocation

A flaw was found in grub2 where the grub_extcmd_dispatcher() function calls grub_arg_list_alloc() to allocate memory for the grub's argument list. However, it fails to check in case the memory allocation fails. Once the allocation fails, a NULL point will be processed by the parse_option() functionโ€ฆ

๐Ÿ“… Published: Jan. 28, 2025, midnight ๐Ÿ”„ Last Modified: Jan. 29, 2026, 5:01 p.m.

7.1

CVSS3.1

CVE-2024-56529 -

Mailcow through 2024-11b has a session fixation vulnerability in the web panel. It allows remote attackers to set a session identifier when HSTS is disabled on a victim's browser. After a user logs in, they are authenticated and the session identifier is valid. Then, a remote attacker can access thโ€ฆ

๐Ÿ“… Published: Jan. 28, 2025, midnight ๐Ÿ”„ Last Modified: July 12, 2025, 10:44 p.m.

6.5

CVSS3.1

CVE-2024-28786 - IBM QRadar SIEM information disclosure

IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication channel that could be obtained by an unauthorized actor using man in the middle techniques.

๐Ÿ“… Published: Jan. 27, 2025, 11:36 p.m. ๐Ÿ”„ Last Modified: July 25, 2025, 6:51 p.m.

6.5

CVSS3.1

CVE-2022-31749 - Authenticated arbitrary file read/write in WatchGuard Fireware OS

An argument injection vulnerability in the diagnose and import pac commands in WatchGuard Fireware OS before 12.8.1, 12.1.4, and 12.5.10 allows an authenticated remote attacker with unprivileged credentials to upload or read files to limited, arbitrary locations on WatchGuard Firebox and XTM appliaโ€ฆ

๐Ÿ“… Published: Jan. 27, 2025, 11:28 p.m. ๐Ÿ”„ Last Modified: Jan. 28, 2025, 3:18 p.m.

2.3

CVSS4.0

CVE-2025-24369 - Anubis has a bot protection bypass when a sophisticated attacker asks to pass a challenge of difficโ€ฆ

Anubis is a tool that allows administrators to protect bots against AI scrapers through bot-checking heuristics and a proof-of-work challenge to discourage scraping from multiple IP addresses. Anubis allows attackers to bypass the bot protection by requesting a challenge, formulates any nonce (suchโ€ฆ

๐Ÿ“… Published: Jan. 27, 2025, 10:57 p.m. ๐Ÿ”„ Last Modified: Jan. 28, 2025, 3:18 p.m.

6.5

CVSS3.1

CVE-2024-37526 - IBM Watson Query on Cloud Pak for Data information disclosure

IBM Watson Query on Cloud Pak for Data (IBM Data Virtualizationย 1.8, 2.0, 2.1, 2.2, and 3.0.0) could allow an authenticated user to obtain sensitive information from objects published using Watson Query due to an improper data protection mechanism.

๐Ÿ“… Published: Jan. 27, 2025, 9:53 p.m. ๐Ÿ”„ Last Modified: Aug. 18, 2025, 6:07 p.m.

9.8

CVSS3.1

CVE-2025-24130 -

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to modify protected parts of the file system.

๐Ÿ“… Published: Jan. 27, 2025, 9:46 p.m. ๐Ÿ”„ Last Modified: April 2, 2026, 7:19 p.m.

5.5

CVSS3.1

CVE-2024-54519 -

The issue was resolved by sanitizing logging. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2. An app may be able to read sensitive location information.

๐Ÿ“… Published: Jan. 27, 2025, 9:46 p.m. ๐Ÿ”„ Last Modified: April 2, 2026, 7:18 p.m.
Total resulsts: 343992
Page 6413 of 34,400
ยซ previous page ยป next page
Filters