CVEs from 2024
Total
6,686
critical
critical 124
high
high 1,048
medium
medium 2,024
low
low 48
% Critical
1.9%
% with KEV
2.4%
% with exploit
3.3%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- glibc 5
- virtual_traffic_manager 5
- element_pack 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-22421 | unknown | — | — | 2y ago | JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. Users of JupyterLab who click on a malicious link may get their `Au… | |||
| CVE-2024-22420 | unknown | — | — | 2y ago | JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. This vulnerability depends on user interaction by opening a malicio… | |||
| CVE-2024-21733 | unknown | — | — | 2y ago | Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43. Other, EOL vers… | |||
| CVE-2024-22491 | unknown | — | — | 2y ago | Stored Cross Site Scripting in beetl-bbs | |||
| CVE-2024-22492 | unknown | — | — | 2y ago | Cross-site Scripting in JFinal | |||
| CVE-2024-22493 | unknown | — | — | 2y ago | Cross-site Scripting in JFinal | |||
| CVE-2024-21651 | unknown | — | — | 2y ago | XWiki vulnerable to Denial of Service attack through attachments | |||
| CVE-2024-21650 | unknown | — | — | 2y ago | XWiki Remote Code Execution Vulnerability via User Registration | |||
| CVE-2024-21648 | unknown | — | — | 2y ago | XWiki has no right protection on rollback action | |||
| CVE-2024-23687 | unknown | — | — | 3y ago | Hard-coded System User Credentials in Folio Data Export Spring module | |||
| CVE-2024-23681 | unknown | — | — | 3y ago | Arbitrary code execution in de.tum.in.ase:artemis-java-test-sandbox | |||
| CVE-2024-23682 | unknown | — | — | 4y ago | Duplicate Advisory: Sandbox escape in Artemis Java Test Sandbox | |||
| CVE-2024-23684 | unknown | — | — | 4y ago | Duplicate Advisory: Inefficient Algorithmic Complexity in com.upokecenter:cbor | |||
| CVE-2024-23680 | unknown | — | — | 5y ago | Improper Verification of Cryptographic Signature in aws-encryption-sdk-java | |||
| CVE-2024-0758 | unknown | — | — | 5y ago | JavaScript execution via malicious molfiles (XSS) | |||
| CVE-2024-23688 | unknown | — | — | 5y ago | Discovery uses the same AES/GCM Nonce throughout the session |