8.7

CVSS4.0

CVE-2024-39703 -

In ThreatQuotient ThreatQ before 5.29.3, authenticated users are able to execute arbitrary commands by sending a crafted request to an API endpoint.

📅 Published: Dec. 18, 2024, midnight 🔄 Last Modified: Dec. 18, 2024, 3:14 p.m.

7.5

CVSS3.1

CVE-2024-56319 -

In Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before e3277eb, unlimited user label appends in a userlabel cluster can lead to a denial of service (resource exhaustion).

📅 Published: Dec. 18, 2024, midnight 🔄 Last Modified: Dec. 31, 2024, 8:16 p.m.

6.1

CVSS3.1

CVE-2024-56115 -

A vulnerability in Amiro.CMS before 7.8.4 exists due to the failure to take measures to neutralize special elements. It allows remote attackers to conduct a Cross-Site Scripting (XSS) attack.

📅 Published: Dec. 18, 2024, midnight 🔄 Last Modified: April 23, 2025, 9:33 p.m.

8.8

CVSS3.1

CVE-2024-55506 -

An IDOR vulnerability in CodeAstro's Complaint Management System v1.0 (version with 0 updates) enables an attacker to execute arbitrary code and obtain sensitive information via the delete.php file and modifying the id parameter.

📅 Published: Dec. 18, 2024, midnight 🔄 Last Modified: April 3, 2025, 4:36 p.m.

6.1

CVSS3.1

CVE-2024-56175 -

In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and subsequently executed in users' browsers under specific conditions: XSS from client-side template injection in list item names.

📅 Published: Dec. 18, 2024, midnight 🔄 Last Modified: June 5, 2025, 8:59 p.m.

5.3

CVSS3.1

CVE-2024-56169 -

A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI Relying Parties (such as Fort) are supposed to maintain a backup cache of the remote RPKI data. This can be employed as a fallback in case a new fetch fails or yields incorrect files. However, the product currently…

📅 Published: Dec. 18, 2024, midnight 🔄 Last Modified: April 22, 2025, 4:24 p.m.

4.6

CVSS3.1

CVE-2024-37649 -

Insecure Permissions vulnerability in SecureSTATION v.2.5.5.3116-S50-SMA-B20160811A and before allows a physically proximate attacker to obtain sensitive information via the modification of user credentials.

📅 Published: Dec. 18, 2024, midnight 🔄 Last Modified: Dec. 31, 2024, 8:16 p.m.

8.8

CVSS3.1

CVE-2024-56116 -

A Cross-Site Request Forgery vulnerability in Amiro.CMS before 7.8.4 allows remote attackers to create an administrator account.

📅 Published: Dec. 18, 2024, midnight 🔄 Last Modified: April 23, 2025, 9:34 p.m.

8.1

CVSS3.1

CVE-2024-56174 -

In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and subsequently executed in users' browsers under specific conditions: XSS from client-side template injection in search history.

📅 Published: Dec. 18, 2024, midnight 🔄 Last Modified: June 5, 2025, 8:59 p.m.

7.5

CVSS3.1

CVE-2024-56318 -

In raw\TCP.cpp in Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before 27ca6ec, there is a NULL pointer dereference in TCPBase::ProcessSingleMessage via TCP packets with zero messageSize, leading to denial of service.

📅 Published: Dec. 18, 2024, midnight 🔄 Last Modified: Jan. 2, 2025, 8:16 p.m.