4.9

CVSS3.1

CVE-2024-47905 -

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service.

📅 Published: Nov. 12, 2024, 3:56 p.m. 🔄 Last Modified: Nov. 18, 2024, 3:08 p.m.

9.8

CVSS3.1

CVE-2024-52297 - Tolgee's configuration all configuration properties leaked in public configuration DTO

Tolgee is an open-source localization platform. Tolgee 3.81.1 included the all configuration properties in the PublicConfiguratioDTO publicly exposed to users. This vulnerability is fixed in v3.81.2.

📅 Published: Nov. 12, 2024, 3:54 p.m. 🔄 Last Modified: Sept. 11, 2025, 9:27 p.m.

4.3

CVSS3.1

CVE-2024-10971 -

Improper access control in the Password History feature in Devolutions DVLS 2024.3.6 and earlier allows a malicious authenticated user to obtain sensitive data via faulty permission.

📅 Published: Nov. 12, 2024, 3:52 p.m. 🔄 Last Modified: June 27, 2025, 6:47 p.m.

5.5

CVSS3.1

CVE-2024-47535 - Denial of Service attack on windows app using Netty

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to…

📅 Published: Nov. 12, 2024, 3:50 p.m. 🔄 Last Modified: Sept. 5, 2025, 2 p.m.

9

CVSS3.1

CVE-2024-43415 - Decidim-Awesome: SQL injection in AdminAccountability

An improper neutralization of special elements used in an SQL command in the papertrail/version- model of the decidim_awesome-module <= v0.11.1 (> 0.9.0) allows an authenticated admin user to manipulate sql queries to disclose information, read and write files or execute commands.

📅 Published: Nov. 12, 2024, 3:45 p.m. 🔄 Last Modified: Nov. 14, 2024, 4:31 p.m.

9.8

CVSS3.1

CVE-2024-50330 -

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote unauthenticated attacker to achieve remote code execution.

📅 Published: Nov. 12, 2024, 3:42 p.m. 🔄 Last Modified: April 23, 2025, 9:29 p.m.

8.8

CVSS3.1

CVE-2024-50329 -

Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required.

📅 Published: Nov. 12, 2024, 3:41 p.m. 🔄 Last Modified: Nov. 19, 2024, 4:56 a.m.

7.2

CVSS3.1

CVE-2024-50328 -

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

📅 Published: Nov. 12, 2024, 3:41 p.m. 🔄 Last Modified: Nov. 19, 2024, 4:55 a.m.

7.2

CVSS3.1

CVE-2024-50327 -

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

📅 Published: Nov. 12, 2024, 3:40 p.m. 🔄 Last Modified: Nov. 19, 2024, 4:55 a.m.

7.2

CVSS3.1

CVE-2024-50326 -

SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.

📅 Published: Nov. 12, 2024, 3:40 p.m. 🔄 Last Modified: Nov. 19, 2024, 4:56 a.m.
Total resulsts: 343923
Page 7405 of 34,393
« previous page » next page
Filters