CVE Database

4411+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2024-8462
3.7 LOW

A vulnerability was found in Windmill 1.380.0. It has been classified as problematic. Affected is an unknown function of the file backend/windmill-api/src/users.rs of the component …

Sep 5, 2024
CVE-2024-8460
3.7 LOW

A vulnerability, which was classified as problematic, has been found in D-Link DNS-320 2.02b01. Affected by this issue is some unknown functionality of the file …

Sep 5, 2024
CVE-2024-45395
3.1 LOW

sigstore-go, a Go library for Sigstore signing and verification, is susceptible to a denial of service attack in versions prior to 0.6.1 when a verifier …

Sep 4, 2024
CVE-2024-8417
3.1 LOW

A vulnerability was found in 云课网络科技有限公司 Yunke Online School System up to 1.5.5. It has been declared as problematic. This vulnerability affects unknown code of …

Sep 4, 2024
CVE-2024-45314
3.6 LOW

Flask-AppBuilder is an application development framework. Prior to version 4.5.1, the auth DB login form default cache directives allows browser to locally store sensitive data. …

Sep 4, 2024
CVE-2024-8411
3.5 LOW

A vulnerability was determined in ABCD ABCD2 up to 2.2.0-beta-1. Impacted is an unknown function of the file /buscar_integrada.php. Executing a manipulation of the argument …

Sep 4, 2024
CVE-2024-8407
3.5 LOW

A vulnerability was found in alwindoss akademy up to 35caccea888ed63d5489e211c99edff1f62efdba. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of …

Sep 4, 2024
CVE-2024-34649
2.4 LOW

Improper access control in new Dex Mode in multitasking framework prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access an unlocked screen.

Sep 4, 2024
CVE-2024-34640
3.3 LOW

Improper access control vulnerability in BGProtectManager prior to SMR Sep-2024 Release 1 allows local attackers to bypass restriction of process expiration.

Sep 4, 2024
CVE-2024-45620
3.9 LOW

A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the …

Sep 3, 2024
CVE-2024-45618
3.9 LOW

A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with …

Sep 3, 2024
CVE-2024-45617
3.9 LOW

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which …

Sep 3, 2024
CVE-2024-45616
3.9 LOW

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which …

Sep 3, 2024
CVE-2024-45615
3.9 LOW

A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized (as …

Sep 3, 2024
CVE-2024-45310
3.6 LOW

runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, …

Sep 3, 2024
CVE-2024-43413
3.5 LOW

Xibo is an open source digital signage platform with a web content management system (CMS). Prior to version 4.1.0, a cross-site scripting vulnerability in Xibo …

Sep 3, 2024
CVE-2024-45305
2.5 LOW

gix-path is a crate of the gitoxide project dealing with git paths and their conversions. `gix-path` executes `git` to find the path of a configuration …

Sep 2, 2024
CVE-2023-7279
2.6 LOW

A vulnerability has been found in Secure Systems Engineering Connaisseur up to 3.3.0 and classified as problematic. This vulnerability affects unknown code of the file …

Sep 2, 2024
CVE-2024-28044
3.3 LOW

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause crash through integer overflow.

Sep 2, 2024
CVE-2024-8370
3.5 LOW

A vulnerability classified as problematic was found in Grocy up to 4.2.0. This vulnerability affects unknown code of the file /api/files/recipepictures/ of the component SVG …

Sep 1, 2024
CVE-2024-8367
3.5 LOW

A vulnerability was found in HM Courts & Tribunals Service Probate Back Office up to c1afe0cdb2b2766d9e24872c4e827f8b82a6cd31. It has been classified as problematic. Affected is an …

Sep 1, 2024
CVE-2024-0109
3.3 LOW

NVIDIA CUDA Toolkit contains a vulnerability in command `cuobjdump` where a user may cause a crash by passing in a malformed ELF file. A successful …

Aug 31, 2024
CVE-2024-44918
3.5 LOW

A cross-site scripting (XSS) vulnerability in the component admin_datarelate.php of SeaCMS v12.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

Aug 30, 2024
CVE-2024-8337
3.5 LOW

A vulnerability, which was classified as problematic, has been found in SourceCodester Contact Manager with Export to VCF 1.0. Affected by this issue is some …

Aug 30, 2024
CVE-2024-39300
3.7 LOW

Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and earlier. When Telnet function of the product is enabled, a remote attacker may login …

Aug 30, 2024
CVE-2024-2502
2.0 LOW

An application can be configured to block boot attempts after consecutive tamper resets are detected, which may not occur as expected. This is possible because …

Aug 29, 2024
CVE-2024-43944
3.7 LOW

Authentication Bypass by Spoofing vulnerability in ilyasine Maintenance & Coming Soon Redirect Animation maintenance-coming-soon-redirect-animation allows Identity Spoofing.This issue affects Maintenance & Coming Soon Redirect Animation: …

Aug 29, 2024
CVE-2024-38304
3.8 LOW

Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker …

Aug 29, 2024
CVE-2024-45054
2.8 LOW

Hwameistor is an HA local storage system for cloud-native stateful workloads. This ClusterRole has * verbs of * resources. If a malicious user can access …

Aug 28, 2024
CVE-2024-8209
3.5 LOW

A vulnerability was found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file …

Aug 27, 2024
CVE-2024-8208
3.5 LOW

A vulnerability has been found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the …

Aug 27, 2024
CVE-2024-42792
3.5 LOW

A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System v1.0 via /music/ajax.php?action=delete_playlist page.

Aug 26, 2024
CVE-2024-8172
3.5 LOW

A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Attendance System 1.0. This issue affects some unknown processing of the …

Aug 26, 2024
CVE-2024-8170
3.5 LOW

A vulnerability classified as problematic has been found in SourceCodester Zipped Folder Manager App 1.0. This affects an unknown part of the file /endpoint/add-folder.php. The …

Aug 26, 2024
CVE-2024-8154
3.5 LOW

A vulnerability classified as problematic has been found in SourceCodester QR Code Bookmark System 1.0. Affected is an unknown function of the file /endpoint/update-bookmark.php of …

Aug 25, 2024
CVE-2024-8153
3.5 LOW

A vulnerability was found in SourceCodester QR Code Bookmark System 1.0. It has been rated as problematic. This issue affects some unknown processing of the …

Aug 25, 2024
CVE-2024-8152
3.5 LOW

A vulnerability was found in SourceCodester QR Code Bookmark System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file …

Aug 25, 2024
CVE-2024-8151
3.5 LOW

A vulnerability was found in SourceCodester Interactive Map with Marker 1.0. It has been classified as problematic. This affects an unknown part of the file …

Aug 25, 2024
CVE-2024-8145
2.4 LOW

A vulnerability, which was classified as problematic, has been found in ClassCMS 4.8. Affected by this issue is some unknown functionality of the file /index.php/admin …

Aug 25, 2024
CVE-2024-8144
3.5 LOW

A vulnerability classified as problematic was found in ClassCMS 4.8. Affected by this vulnerability is an unknown functionality of the file /index.php/admin of the component …

Aug 25, 2024
CVE-2024-8142
3.5 LOW

A vulnerability was found in SourceCodester Daily Calories Monitoring Tool 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file …

Aug 25, 2024
CVE-2024-8141
3.5 LOW

A vulnerability was found in SourceCodester Daily Calories Monitoring Tool 1.0. It has been classified as problematic. This affects an unknown part of the file …

Aug 25, 2024
CVE-2024-8140
3.5 LOW

A vulnerability was found in SourceCodester Task Progress Tracker 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file …

Aug 25, 2024
CVE-2024-8137
3.5 LOW

A vulnerability has been found in SourceCodester Record Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file search_user.php. The …

Aug 24, 2024
CVE-2024-8136
3.5 LOW

A vulnerability, which was classified as problematic, was found in SourceCodester Record Management System 1.0. This affects an unknown part of the file sort1_user.php. The …

Aug 24, 2024
CVE-2024-8084
2.4 LOW

A vulnerability, which was classified as problematic, was found in SourceCodester Online Computer and Laptop Store 1.0. This affects an unknown part of the file …

Aug 22, 2024
CVE-2024-40884
2.7 LOW

Mattermost versions 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 fail to properly enforce permissions which allows a team admin user without "Add Team Members" permission to …

Aug 22, 2024
CVE-2024-43785
2.5 LOW

gitoxide An idiomatic, lean, fast & safe pure Rust implementation of Git. gitoxide-core, which provides most underlying functionality of the gix and ein commands, does …

Aug 22, 2024
CVE-2022-48939
3.3 LOW

In the Linux kernel, the following vulnerability has been resolved: bpf: Add schedule points in batch ops syzbot reported various soft lockups caused by bpf …

Aug 22, 2024
CVE-2022-48937
3.3 LOW

In the Linux kernel, the following vulnerability has been resolved: io_uring: add a schedule point in io_add_buffers() Looping ~65535 times doing kmalloc() calls can trigger …

Aug 22, 2024

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.