CVE Database

4411+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2024-36250
3.1 LOW

Mattermost versions 9.11.x <= 9.11.2, and 9.5.x <= 9.5.10 fail to protect the mfa code against replay attacks, which allows an attacker to reuse the …

Nov 9, 2024
CVE-2024-11026
3.7 LOW

A vulnerability was found in Intelligent Apps Freenow App 12.10.0 on Android. It has been rated as problematic. Affected by this issue is some unknown …

Nov 8, 2024
CVE-2024-47190
2.7 LOW

Northern.tech Hosted Mender before 2024.07.11 allows SSRF.

Nov 8, 2024
CVE-2024-50211
3.3 LOW

In the Linux kernel, the following vulnerability has been resolved: udf: refactor inode_bmap() to handle error Refactor inode_bmap() to handle error since udf_next_aext() can return …

Nov 8, 2024
CVE-2024-48011
3.1 LOW

Dell PowerProtect DD, versions prior to 7.7.5.50, contains an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. A low privileged attacker with remote access …

Nov 8, 2024
CVE-2024-51993
3.4 LOW

Combodo iTop is a web based IT Service Management tool. An attacker accessing a backup file or the database can read some passwords for misconfigured …

Nov 7, 2024
CVE-2024-30142
3.8 LOW

HCL BigFix Compliance is affected by a missing secure flag on a cookie. If a secure flag is not set, cookies may be stolen by …

Nov 7, 2024
CVE-2024-10928
3.5 LOW

A vulnerability was found in MonoCMS up to 20240528. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the …

Nov 6, 2024
CVE-2024-10927
3.5 LOW

A vulnerability was found in MonoCMS up to 20240528. It has been classified as problematic. Affected is an unknown function of the file /monofiles/account.php of …

Nov 6, 2024
CVE-2024-50345
3.1 LOW

symfony/http-foundation is a module for the Symphony PHP framework which defines an object-oriented layer for the HTTP specification. The `Request` class, does not parse URI …

Nov 6, 2024
CVE-2024-50343
3.1 LOW

symfony/validator is a module for the Symphony PHP framework which provides tools to validate values. It is possible to trick a `Validator` configured with a …

Nov 6, 2024
CVE-2024-50342
3.1 LOW

symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the `NoPrivateNetworkHttpClient`, some …

Nov 6, 2024
CVE-2024-50341
3.1 LOW

symfony/security-bundle is a module for the Symphony PHP framework which provides a tight integration of the Security component into the Symfony full-stack framework. The custom …

Nov 6, 2024
CVE-2024-10926
3.5 LOW

A vulnerability was found in IBPhoenix ibWebAdmin up to 1.0.2 and classified as problematic. This issue affects some unknown processing of the file /toggle_fold_panel.php of …

Nov 6, 2024
CVE-2024-51755
2.2 LOW

Twig is a template language for PHP. In a sandbox, an attacker can access attributes of Array-like objects as they were not checked by the …

Nov 6, 2024
CVE-2024-51754
2.2 LOW

Twig is a template language for PHP. In a sandbox, an attacker can call `__toString()` on an object even if the `__toString()` method is not …

Nov 6, 2024
CVE-2024-20528
3.8 LOW

A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to upload files to arbitrary locations on the underlying operating system …

Nov 6, 2024
CVE-2024-10920
3.1 LOW

A vulnerability was found in mariazevedo88 travels-java-api up to 5.0.1 and classified as problematic. Affected by this issue is the function doFilterInternal of the file …

Nov 6, 2024
CVE-2024-34682
2.4 LOW

Improper authorization in Settings prior to SMR Nov-2024 Release 1 allows physical attackers to access stored WiFi password in Maintenance Mode.

Nov 6, 2024
CVE-2024-34675
2.4 LOW

Improper access control in Dex Mode prior to SMR Nov-2024 Release 1 allows physical attackers to temporarily access to unlocked screen.

Nov 6, 2024
CVE-2024-50092
3.3 LOW

In the Linux kernel, the following vulnerability has been resolved: net: netconsole: fix wrong warning A warning is triggered when there is insufficient space in …

Nov 5, 2024
CVE-2024-10842
2.4 LOW

A vulnerability, which was classified as problematic, has been found in romadebrian WEB-Sekolah 1.0. Affected by this issue is some unknown functionality of the file …

Nov 5, 2024
CVE-2024-10840
2.4 LOW

A vulnerability classified as problematic has been found in romadebrian WEB-Sekolah 1.0. Affected is an unknown function of the file /Admin/akun_edit.php of the component Backend. …

Nov 5, 2024
CVE-2024-47402
3.3 LOW

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through out-of-bounds read.

Nov 5, 2024
CVE-2024-10807
2.4 LOW

A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been rated as problematic. This issue affects some unknown processing of the file …

Nov 5, 2024
CVE-2024-10806
2.4 LOW

A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been declared as problematic. This vulnerability affects unknown code of the file betweendates-detailsreports.php. …

Nov 5, 2024
CVE-2024-51744
3.1 LOW

golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in `ParseWithClaims` can lead to situation where users are potentially …

Nov 4, 2024
CVE-2024-10768
3.5 LOW

A vulnerability classified as problematic was found in PHPGurukul Online Shopping Portal 2.0. This vulnerability affects unknown code of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/two_tables.php. The manipulation of …

Nov 4, 2024
CVE-2024-10757
3.5 LOW

A vulnerability, which was classified as problematic, has been found in PHPGurukul Online Shopping Portal 2.0. Affected by this issue is some unknown functionality of …

Nov 4, 2024
CVE-2024-10756
3.5 LOW

A vulnerability classified as problematic was found in PHPGurukul Online Shopping Portal 2.0. Affected by this vulnerability is an unknown functionality of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/html_table.php. …

Nov 4, 2024
CVE-2024-10755
3.5 LOW

A vulnerability classified as problematic has been found in PHPGurukul Online Shopping Portal 2.0. Affected is an unknown function of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/empty_table.php. The manipulation …

Nov 4, 2024
CVE-2024-10754
3.5 LOW

A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been rated as problematic. This issue affects some unknown processing of the file …

Nov 4, 2024
CVE-2024-10753
3.5 LOW

A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been declared as problematic. This vulnerability affects unknown code of the file admin/assets/plugins/DataTables/media/unit_testing/templates/dom_data_two_headers.php. …

Nov 4, 2024
CVE-2024-10748
2.5 LOW

A vulnerability, which was classified as problematic, has been found in Cosmote Greece What's Up App 4.47.3 on Android. This issue affects some unknown processing …

Nov 4, 2024
CVE-2024-10747
3.5 LOW

A vulnerability classified as problematic was found in PHPGurukul Online Shopping Portal 2.0. This vulnerability affects unknown code of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/dom_data_th.php. The manipulation of …

Nov 4, 2024
CVE-2024-10746
3.5 LOW

A vulnerability classified as problematic has been found in PHPGurukul Online Shopping Portal 2.0. This affects an unknown part of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/dom_data.php. The manipulation …

Nov 4, 2024
CVE-2024-10745
3.5 LOW

A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of …

Nov 3, 2024
CVE-2024-10744
3.5 LOW

A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of …

Nov 3, 2024
CVE-2024-10743
3.5 LOW

A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been classified as problematic. Affected is an unknown function of the file /shopping/admin/assets/plugins/DataTables/examples/examples_support/editable_ajax.php. …

Nov 3, 2024
CVE-2024-10701
3.5 LOW

A vulnerability was found in PHPGurukul Car Rental Portal 1.0. It has been rated as problematic. This issue affects some unknown processing of the file …

Nov 2, 2024
CVE-2024-7883
3.7 LOW

When using Arm Cortex-M Security Extensions (CMSE), Secure stack contents can be leaked to Non-secure state via floating-point registers when a Secure to Non-secure function …

Oct 31, 2024
CVE-2024-33623
3.7 LOW

A denial of service vulnerability exists in the Web Application functionality of LevelOne WBR-6012 R0.40e6. A specially crafted HTTP request can lead to a reboot. …

Oct 30, 2024
CVE-2024-10503
3.5 LOW

A vulnerability was found in Klokan MapTiler tileserver-gl 2.3.1 and classified as problematic. This issue affects some unknown processing of the component URL Handler. The …

Oct 30, 2024
CVE-2024-10228
3.8 LOW

The Vagrant VMWare Utility Windows installer targeted a custom location with a non-protected path that could be modified by an unprivileged user, introducing potential for …

Oct 29, 2024
CVE-2024-10452
2.2 LOW

Organization admins can delete pending invites created in an organization they are not part of.

Oct 29, 2024
CVE-2024-48921
2.7 LOW

Kyverno is a policy engine designed for Kubernetes. A kyverno ClusterPolicy, ie. "disallow-privileged-containers," can be overridden by the creation of a PolicyException in a random …

Oct 29, 2024
CVE-2024-41156
2.7 LOW

Profile files from TRO600 series radios are extracted in plain-text and encrypted file formats. Profile files provide potential attackers valuable configuration information about the Tropos …

Oct 29, 2024
CVE-2024-10479
2.4 LOW

A vulnerability, which was classified as problematic, was found in LinZhaoguan pb-cms up to 2.0.1. Affected is an unknown function of the file /admin#themes of …

Oct 29, 2024
CVE-2024-10478
2.4 LOW

A vulnerability, which was classified as problematic, has been found in LinZhaoguan pb-cms up to 2.0.1. This issue affects some unknown processing of the file …

Oct 29, 2024
CVE-2024-10477
2.4 LOW

A vulnerability classified as problematic was found in LinZhaoguan pb-cms up to 2.0.1. This vulnerability affects unknown code of the file /admin#permissions of the component …

Oct 29, 2024

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.