CVE Database

4411+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2024-12995
3.5 LOW

A vulnerability classified as problematic has been found in ruifang-tech Rebuild 3.8.6. This affects an unknown part of the file /project/050-9000000000000001/tasks of the component Project …

Dec 28, 2024
CVE-2020-1824
3.7 LOW

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The …

Dec 28, 2024
CVE-2020-1823
3.7 LOW

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The …

Dec 28, 2024
CVE-2020-1822
3.7 LOW

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The …

Dec 28, 2024
CVE-2020-1821
3.7 LOW

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The …

Dec 28, 2024
CVE-2020-1820
3.7 LOW

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The …

Dec 28, 2024
CVE-2024-12991
3.5 LOW

A vulnerability was found in Beijing Longda Jushang Technology DBShop商城系统 3.3 Release 231225. It has been declared as problematic. This vulnerability affects unknown code of …

Dec 27, 2024
CVE-2020-9089
3.3 LOW

There is an information vulnerability in Huawei smartphones. A function in a module can be called without verifying the caller's access. Attackers with user access …

Dec 27, 2024
CVE-2020-9082
3.5 LOW

There is an information disclosure vulnerability in several smartphones. The system has a logic judging error under certain scenario, the attacker should gain the permit …

Dec 27, 2024
CVE-2020-9081
3.5 LOW

There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perform a series of operation in specific mode to exploit this vulnerability. …

Dec 27, 2024
CVE-2020-1819
3.7 LOW

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The …

Dec 27, 2024
CVE-2020-1818
3.7 LOW

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The …

Dec 27, 2024
CVE-2024-12983
2.4 LOW

A vulnerability classified as problematic has been found in code-projects Hospital Management System 1.0. This affects an unknown part of the file /hospital/hms/admin/manage-doctors.php of the …

Dec 27, 2024
CVE-2024-12982
2.4 LOW

A vulnerability was found in PHPGurukul Blood Bank & Donor Management System 2.4. It has been rated as problematic. Affected by this issue is some …

Dec 27, 2024
CVE-2024-47150
3.3 LOW

Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.

Dec 26, 2024
CVE-2024-47149
3.3 LOW

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.

Dec 26, 2024
CVE-2024-47157
2.9 LOW

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.

Dec 26, 2024
CVE-2024-47156
3.3 LOW

Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.

Dec 26, 2024
CVE-2024-56433
3.6 LOW

shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict …

Dec 26, 2024
CVE-2024-12933
3.5 LOW

A vulnerability was found in code-projects Simple Admin Panel 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of …

Dec 26, 2024
CVE-2024-12932
3.5 LOW

A vulnerability was found in code-projects Simple Admin Panel 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of …

Dec 26, 2024
CVE-2024-12930
3.5 LOW

A vulnerability was found in code-projects Simple Admin Panel 1.0 and classified as problematic. This issue affects some unknown processing of the file addCatController.php. The …

Dec 26, 2024
CVE-2024-56430
2.9 LOW

OpenFHE through 1.2.3 has a NULL pointer dereference in BinFHEContext::EvalFloor in lib/binfhe-base-scheme.cpp.

Dec 25, 2024
CVE-2023-5117
3.7 LOW

An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on confidential issues …

Dec 25, 2024
CVE-2024-55539
2.5 LOW

Weak algorithm used to sign RPM package. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux) before build 39185, Acronis Cyber Protect 16 …

Dec 23, 2024
CVE-2024-12893
2.4 LOW

A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar up to 2.9. Affected by this issue is some unknown functionality of …

Dec 22, 2024
CVE-2024-12892
3.5 LOW

A vulnerability classified as problematic was found in code-projects Online Exam Mastering System 1.0. Affected by this vulnerability is an unknown functionality of the file …

Dec 22, 2024
CVE-2024-12845
3.5 LOW

A vulnerability classified as problematic was found in Emlog Pro up to 2.4.1. Affected by this vulnerability is an unknown functionality in the library /include/lib/common.php. …

Dec 20, 2024
CVE-2024-44298
3.3 LOW

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.1. An app may be …

Dec 20, 2024
CVE-2020-9250
3.3 LOW

There is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software package to exploit this vulnerability. Due to …

Dec 20, 2024
CVE-2024-52589
2.2 LOW

Discourse is an open source platform for community discussion. Moderators can see the Screened emails list in the admin dashboard, and through that can learn …

Dec 19, 2024
CVE-2024-12790
3.5 LOW

A vulnerability was found in code-projects Hostel Management Site 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file room-details.php. …

Dec 19, 2024
CVE-2024-38864
3.3 LOW

Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk < 2.3.0p23, < 2.2.0p38 and <= 2.1.0p49 (EOL) allows a local attacker to read …

Dec 19, 2024
CVE-2024-12783
3.5 LOW

A vulnerability was found in itsourcecode Vehicle Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /billaction.php. The …

Dec 19, 2024
CVE-2024-49820
3.7 LOW

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information, caused by the failure to …

Dec 17, 2024
CVE-2024-42194
3.1 LOW

An improper handling of insufficient permissions or privileges affects HCL BigFix Inventory. An attacker having access via a read-only account can possibly change certain configuration …

Dec 17, 2024
CVE-2024-9654
3.7 LOW

The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in versions 3.1 through 3.3.4. This is due to a lack of sufficient …

Dec 17, 2024
CVE-2024-54125
3.3 LOW

Improper authorization in handler for custom URL scheme issue in "Shonen Jump+" App for Android versions prior to 4.0.0 allows an attacker to lead a …

Dec 17, 2024
CVE-2024-12667
3.7 LOW

A vulnerability was found in InvoicePlane up to 1.6.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /invoices/view. …

Dec 16, 2024
CVE-2024-12665
3.5 LOW

A vulnerability, which was classified as problematic, was found in ruifang-tech Rebuild 3.8.5. Affected is an unknown function of the component Task Comment Attachment Upload. …

Dec 16, 2024
CVE-2024-12664
3.5 LOW

A vulnerability, which was classified as problematic, has been found in ruifang-tech Rebuild 3.8.5. This issue affects some unknown processing of the component Project Task …

Dec 16, 2024
CVE-2024-12663
3.7 LOW

A vulnerability classified as problematic was found in funnyzpc Mee-Admin up to 1.6. This vulnerability affects unknown code of the file /mee/login of the component …

Dec 16, 2024
CVE-2024-56082
3.5 LOW

ChatBar.tsx in Lumos before 1.0.17 parses raw HTML in Markdown because the markdown-to-jsx package is used without disableParsingRawHTML set to true.

Dec 15, 2024
CVE-2023-41695
3.5 LOW

Missing Authorization vulnerability in Adnan Analytify wp-analytify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Analytify: from n/a through <= 5.1.0.

Dec 13, 2024
CVE-2022-45819
3.5 LOW

Missing Authorization vulnerability in Popup Maker Popup Maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Maker: from n/a through 1.17.1.

Dec 13, 2024
CVE-2021-32007
3.5 LOW

This issue affects: Secomea GateManager Version 9.5 and all prior versions. Protection Mechanism Failure vulnerability in web server of Secomea GateManager to potentially leak information …

Dec 13, 2024
CVE-2024-12300
3.7 LOW

The AR for WordPress plugin for WordPress is vulnerable to unauthorized double extension file upload due to a missing capability check on the set_ar_featured_image() function …

Dec 13, 2024
CVE-2024-10043
3.1 LOW

An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6, all versions starting from 17.5 before 17.5.4 all versions …

Dec 12, 2024
CVE-2024-54493
3.3 LOW

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.2. Privacy indicators for microphone access may be attributed incorrectly.

Dec 12, 2024
CVE-2024-54491
3.3 LOW

The issue was resolved by sanitizing logging. This issue is fixed in macOS Sequoia 15.2. A malicious application may be able to determine a user's …

Dec 12, 2024

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.