CVE Database

4425+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2024-3138
3.5 LOW

** DISPUTED ** A vulnerability was found in francoisjacquet RosarioSIS 11.5.1. It has been rated as problematic. This issue affects some unknown processing of the …

Apr 1, 2024
CVE-2024-27332
3.3 LOW

PDF-XChange Editor JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. …

Apr 1, 2024
CVE-2024-27331
3.3 LOW

PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. …

Apr 1, 2024
CVE-2024-27330
3.3 LOW

PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. …

Apr 1, 2024
CVE-2024-3128
2.4 LOW

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, has been found in Replify-Messenger 1.0 on Android. This issue affects some unknown …

Apr 1, 2024
CVE-2024-3125
2.4 LOW

A vulnerability classified as problematic was found in Zebra ZTC GK420d 1.0. This vulnerability affects unknown code of the file /settings of the component Alert …

Apr 1, 2024
CVE-2024-3124
2.4 LOW

A vulnerability classified as problematic has been found in fridgecow smartalarm 1.8.1 on Android. This affects an unknown part of the file androidmanifest.xml of the …

Apr 1, 2024
CVE-2022-4966
3.5 LOW

A vulnerability was found in sequentech admin-console up to 6.1.7 and classified as problematic. Affected by this issue is some unknown functionality of the component …

Apr 1, 2024
CVE-2024-20051
2.3 LOW

In flashc, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with System execution privileges …

Apr 1, 2024
CVE-2024-20045
2.3 LOW

In audio, there is a possible out of bounds read due to an incorrect calculation of buffer size. This could lead to local information disclosure …

Apr 1, 2024
CVE-2014-125110
3.5 LOW

A vulnerability has been found in wp-file-upload Plugin up to 2.4.3 on WordPress and classified as problematic. Affected by this vulnerability is the function wfu_ajax_action_callback …

Apr 1, 2024
CVE-2023-50311
3.1 LOW

IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 could disclose sensitive path information to an attacker that could reveal through debugging or error messages.

Mar 31, 2024
CVE-2020-36828
3.5 LOW

A vulnerability was found in DiscuzX up to 3.4-20200818. It has been classified as problematic. Affected is the function show_next_step of the file upload/install/include/install_function.php. The …

Mar 31, 2024
CVE-2017-20191
3.5 LOW

A vulnerability was found in Zimbra zm-admin-ajax up to 8.8.1. It has been classified as problematic. This affects the function XFormItem.prototype.setError of the file WebRoot/js/ajax/dwt/xforms/XFormItem.js …

Mar 31, 2024
CVE-2015-10131
3.5 LOW

A vulnerability was found in chrisy TFO Graphviz Plugin up to 1.9 on WordPress and classified as problematic. Affected by this issue is the function …

Mar 31, 2024
CVE-2024-3091
2.4 LOW

A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. It has been classified as problematic. Affected is an unknown function of the file …

Mar 30, 2024
CVE-2024-3090
2.4 LOW

A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/add-ambulance.php …

Mar 30, 2024
CVE-2024-3081
3.5 LOW

A vulnerability was found in EasyCorp EasyAdmin up to 4.8.9. It has been declared as problematic. Affected by this vulnerability is the function Autocomplete of …

Mar 29, 2024
CVE-2024-30507
2.7 LOW

Authorization Bypass Through User-Controlled Key vulnerability in Molongui.This issue affects Molongui: from n/a through 4.7.7.

Mar 29, 2024
CVE-2023-45715
3.5 LOW

The console may experience a service interruption when processing file names with invalid characters.

Mar 28, 2024
CVE-2023-45706
2.0 LOW

An administrative user of WebReports may perform a Cross Site Scripting (XSS) and/or Man in the Middle (MITM) exploit through SAML configuration.

Mar 28, 2024
CVE-2023-45705
3.5 LOW

An administrative user of WebReports may perform a Server Side Request Forgery (SSRF) exploit through SMTP configuration options.

Mar 28, 2024
CVE-2024-3004
3.5 LOW

A vulnerability was found in code-projects Online Book System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file …

Mar 27, 2024
CVE-2024-2998
2.4 LOW

A vulnerability was found in Bdtask Multi-Store Inventory Management System up to 20240320. It has been rated as problematic. Affected by this issue is some …

Mar 27, 2024
CVE-2024-2997
2.4 LOW

A vulnerability was found in Bdtask Multi-Store Inventory Management System up to 20240320. It has been declared as problematic. Affected by this vulnerability is an …

Mar 27, 2024
CVE-2024-2996
2.4 LOW

A vulnerability was found in Bdtask Multi-Store Inventory Management System up to 20240320. It has been classified as problematic. Affected is an unknown function of …

Mar 27, 2024
CVE-2024-28085
3.3 LOW

wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape …

Mar 27, 2024
CVE-2024-28853
3.9 LOW

Ampache is a web based audio/video streaming application and file manager. Stored Cross Site Scripting (XSS) vulnerability in ampache before v6.3.1 allows a remote attacker …

Mar 27, 2024
CVE-2024-2004
3.5 LOW

When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due …

Mar 27, 2024
CVE-2023-46051
3.3 LOW

TeX Live 944e257 allows a NULL pointer dereference in texk/web2c/pdftexdir/tounicode.c. NOTE: this is disputed because it should be categorized as a usability problem.

Mar 27, 2024
CVE-2024-2940
3.5 LOW

A vulnerability classified as problematic was found in Campcodes Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of the file /adminpanel/admin/facebox_modal/updateCourse.php. …

Mar 27, 2024
CVE-2024-2939
3.5 LOW

A vulnerability classified as problematic has been found in Campcodes Online Examination System 1.0. Affected is an unknown function of the file /adminpanel/admin/facebox_modal/updateExaminee.php. The manipulation …

Mar 27, 2024
CVE-2024-2935
3.5 LOW

A vulnerability, which was classified as problematic, has been found in SourceCodester Todo List in Kanban Board 1.0. Affected by this issue is some unknown …

Mar 27, 2024
CVE-2024-2971
2.9 LOW

Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by negative object number in indirect reference in the input PDF file.

Mar 26, 2024
CVE-2023-33855
3.7 LOW

Under certain conditions, RSA operations performed by IBM Common Cryptographic Architecture (CCA) 7.0.0 through 7.5.36 may exhibit non-constant-time behavior. This could allow a remote attacker …

Mar 26, 2024
CVE-2024-29199
3.7 LOW

Nautobot is a Network Source of Truth and Network Automation Platform. A number of Nautobot URL endpoints were found to be improperly accessible to unauthenticated …

Mar 26, 2024
CVE-2024-29196
3.8 LOW

phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. There is a Path Traversal vulnerability in Attachments …

Mar 26, 2024
CVE-2024-30204
2.8 LOW

In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments.

Mar 25, 2024
CVE-2020-36826
3.5 LOW

A vulnerability was found in AwesomestCode LiveBot. It has been classified as problematic. Affected is the function parseSend of the file js/parseMessage.js. The manipulation leads …

Mar 25, 2024
CVE-2024-2832
3.5 LOW

A vulnerability classified as problematic was found in Campcodes Online Shopping System 1.0. This vulnerability affects unknown code of the file /offersmail.php. The manipulation of …

Mar 23, 2024
CVE-2024-29338
2.4 LOW

Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via /anchor/admin/categories/delete/2.

Mar 22, 2024
CVE-2023-23349
2.2 LOW

Kaspersky has fixed a security issue in Kaspersky Password Manager (KPM) for Windows that allowed a local user to recover the auto-filled credentials from a …

Mar 22, 2024
CVE-2022-32756
2.7 LOW

IBM Security Verify Directory 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. …

Mar 22, 2024
CVE-2024-1742
3.8 LOW

Invocation of the sqlplus command with sensitive information in the command line in the mk_oracle Checkmk agent plugin before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and …

Mar 22, 2024
CVE-2024-2780
3.5 LOW

A vulnerability was found in Campcodes Online Marriage Registration System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file …

Mar 22, 2024
CVE-2024-2779
3.5 LOW

A vulnerability was found in Campcodes Online Marriage Registration System 1.0. It has been classified as problematic. This affects an unknown part of the file …

Mar 22, 2024
CVE-2024-2778
3.5 LOW

A vulnerability was found in Campcodes Online Marriage Registration System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the …

Mar 22, 2024
CVE-2024-2775
3.5 LOW

A vulnerability, which was classified as problematic, has been found in Campcodes Online Marriage Registration System 1.0. This issue affects some unknown processing of the …

Mar 21, 2024
CVE-2024-2773
3.5 LOW

A vulnerability classified as problematic has been found in Campcodes Online Marriage Registration System 1.0. This affects an unknown part of the file /user/search.php. The …

Mar 21, 2024
CVE-2023-52620
2.5 LOW

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow timeout for anonymous sets Never used from userspace, disallow these parameters.

Mar 21, 2024

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.