CVE Database

4425+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2024-20810
3.3 LOW

Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1 allows local attackers to get sensitive information.

Feb 6, 2024
CVE-2024-1075
3.7 LOW

The Minimal Coming Soon – Coming Soon Page plugin for WordPress is vulnerable to maintenance mode bypass and information disclosure in all versions up to, …

Feb 5, 2024
CVE-2024-24807
2.7 LOW

Sulu is a highly extensible open-source PHP content management system based on the Symfony framework. There is an issue when inputting HTML into the Tag …

Feb 5, 2024
CVE-2024-24559
3.7 LOW

Vyper is a Pythonic Smart Contract Language for the EVM. There is an error in the stack management when compiling the `IR` for `sha3_64`. Concretely, …

Feb 5, 2024
CVE-2024-24861
3.3 LOW

A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly …

Feb 5, 2024
CVE-2015-10129
3.7 LOW

A vulnerability was found in planet-freo up to 20150116 and classified as problematic. Affected by this issue is some unknown functionality of the file admin/inc/auth.inc.php. …

Feb 4, 2024
CVE-2024-1215
3.5 LOW

A vulnerability was found in SourceCodester CRUD without Page Reload 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality …

Feb 3, 2024
CVE-2024-23553
3.0 LOW

A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform exists due to missing a specific http header attribute.

Feb 2, 2024
CVE-2024-1194
3.3 LOW

A vulnerability classified as problematic has been found in Armcode AlienIP 2.41. Affected is an unknown function of the component Locate Host Handler. The manipulation …

Feb 2, 2024
CVE-2024-1193
3.3 LOW

A vulnerability was found in Navicat 12.0.29. It has been rated as problematic. This issue affects some unknown processing of the component MySQL Conecction Handler. …

Feb 2, 2024
CVE-2024-1190
3.3 LOW

A vulnerability was found in Global Scape CuteFTP 9.3.0.3 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the …

Feb 2, 2024
CVE-2024-1188
3.3 LOW

A vulnerability, which was classified as problematic, was found in Rizone Soft Notepad3 1.0.2.350. Affected is an unknown function of the component Encryption Passphrase Handler. …

Feb 2, 2024
CVE-2024-1187
3.3 LOW

A vulnerability, which was classified as problematic, has been found in Munsoft Easy Outlook Express Recovery 2.0. This issue affects some unknown processing of the …

Feb 2, 2024
CVE-2024-24560
3.7 LOW

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. When calls to external contracts are made, we write the input buffer starting …

Feb 2, 2024
CVE-2024-1186
3.3 LOW

A vulnerability classified as problematic was found in Munsoft Easy Archive Recovery 2.0. This vulnerability affects unknown code of the component Registration Key Handler. The …

Feb 2, 2024
CVE-2024-1185
3.3 LOW

A vulnerability classified as problematic has been found in Nsasoft NBMonitor Network Bandwidth Monitor 1.6.5.0. This affects an unknown part of the component Registration Handler. …

Feb 2, 2024
CVE-2023-50359
3.4 LOW

An unchecked return value vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local authenticated administrators to …

Feb 2, 2024
CVE-2023-45037
3.8 LOW

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow …

Feb 2, 2024
CVE-2023-45036
3.8 LOW

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow …

Feb 2, 2024
CVE-2023-45035
3.8 LOW

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow …

Feb 2, 2024
CVE-2023-41292
3.8 LOW

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow …

Feb 2, 2024
CVE-2024-1184
3.3 LOW

A vulnerability was found in Nsasoft Network Sleuth 3.0.0.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the …

Feb 2, 2024
CVE-2024-21851
2.9 LOW

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through integer overflow.

Feb 2, 2024
CVE-2024-21845
2.9 LOW

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause heap overflow through integer overflow.

Feb 2, 2024
CVE-2023-49118
2.9 LOW

in OpenHarmony v3.2.4 and prior versions allow a local attacker causes information leak through out-of-bounds Read.

Feb 2, 2024
CVE-2023-43756
2.9 LOW

in OpenHarmony v3.2.4 and prior versions allow a local attacker causes information leak through out-of-bounds Read.

Feb 2, 2024
CVE-2023-46159
2.6 LOW

IBM Storage Ceph 5.3z1, 5.3z5, and 6.1z1 could allow an authenticated user on the network to cause a denial of service from RGW. IBM X-Force …

Feb 2, 2024
CVE-2023-50328
3.7 LOW

IBM PowerSC 1.3, 2.0, and 2.1 may allow a remote attacker to view session identifiers passed via URL query strings. IBM X-Force ID: 275110.

Feb 2, 2024
CVE-2024-0325
3.6 LOW

In Helix Sync versions prior to 2024.1, a local command injection was identified. Reported by Bryan Riggins.

Feb 1, 2024
CVE-2024-24754
3.7 LOW

Bref enable serverless PHP on AWS Lambda. When Bref is used with the Event-Driven Function runtime and the handler is a `RequestHandlerInterface`, then the Lambda …

Feb 1, 2024
CVE-2024-1103
3.5 LOW

A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality …

Jan 31, 2024
CVE-2023-7043
3.3 LOW

Unquoted service path in ESET products allows to drop a prepared program to a specific location and run on boot with the NT AUTHORITY\NetworkService permissions.

Jan 31, 2024
CVE-2024-1099
3.5 LOW

A vulnerability was found in Rebuild up to 3.5.5. It has been classified as problematic. Affected is the function getFileOfData of the file /filex/read-raw. The …

Jan 31, 2024
CVE-2024-22236
3.3 LOW

In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, versions 4.0.x prior to 4.0.5, and versions 3.1.x prior to 3.1.10, test execution is vulnerable to …

Jan 31, 2024
CVE-2024-23825
3.0 LOW

TablePress is a table plugin for Wordpress. For importing tables, TablePress makes external HTTP requests based on a URL that is provided by the user. …

Jan 30, 2024
CVE-2024-22200
3.3 LOW

vantage6-UI is the User Interface for vantage6. The docker image used to run the UI leaks the nginx version. To mitigate the vulnerability, users can …

Jan 30, 2024
CVE-2024-22193
3.5 LOW

The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). There are no checks on whether …

Jan 30, 2024
CVE-2024-21671
3.7 LOW

The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). It is possible to find out …

Jan 30, 2024
CVE-2024-1031
3.5 LOW

A vulnerability was found in CodeAstro Expense Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file templates/5-Add-Expenses.php …

Jan 30, 2024
CVE-2024-1030
3.5 LOW

A vulnerability was found in Cogites eReserv 7.7.58. It has been classified as problematic. This affects an unknown part of the file /front/admin/tenancyDetail.php. The manipulation …

Jan 30, 2024
CVE-2024-21803
3.5 LOW

Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (bluetooth modules) allows Local Execution of Code. This vulnerability is associated with …

Jan 30, 2024
CVE-2024-1029
3.5 LOW

A vulnerability was found in Cogites eReserv 7.7.58 and classified as problematic. Affected by this issue is some unknown functionality of the file /front/admin/tenancyDetail.php. The …

Jan 30, 2024
CVE-2024-1028
3.5 LOW

A vulnerability has been found in SourceCodester Facebook News Feed Like 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of …

Jan 30, 2024
CVE-2024-1026
3.5 LOW

A vulnerability was found in Cogites eReserv 7.7.58 and classified as problematic. This issue affects some unknown processing of the file front/admin/config.php. The manipulation of …

Jan 30, 2024
CVE-2024-1024
3.5 LOW

A vulnerability has been found in SourceCodester Facebook News Feed Like 1.0 and classified as problematic. This vulnerability affects unknown code of the component New …

Jan 30, 2024
CVE-2024-1022
2.4 LOW

A vulnerability, which was classified as problematic, was found in CodeAstro Simple Student Result Management System 5.6. This affects an unknown part of the file …

Jan 29, 2024
CVE-2024-1020
3.5 LOW

A vulnerability classified as problematic was found in Rebuild up to 3.5.5. Affected by this vulnerability is the function getStorageFile of the file /filex/proxy-download. The …

Jan 29, 2024
CVE-2024-1018
2.4 LOW

A vulnerability classified as problematic has been found in PbootCMS 3.2.5-20230421. Affected is an unknown function of the file /admin.php?p=/Area/index#tab=t2. The manipulation of the argument …

Jan 29, 2024
CVE-2023-22836
3.5 LOW

In cases where a multi-tenant stack user is operating Foundry’s Linter service, and the user changes a group name from the default value, the renamed …

Jan 29, 2024
CVE-2024-1010
3.5 LOW

A vulnerability classified as problematic has been found in SourceCodester Employee Management System 1.0. This affects an unknown part of the file edit-profile.php. The manipulation …

Jan 29, 2024

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.