CVEs from 2024
- Total: 7,194
- critical: 114
- high: 1,043
- medium: 1,991
- low: 40
- % Critical: 1.6%
- % with KEV: 2.3%
- % with exploit: 2.3%
Top products
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- glibc 5
- virtual_traffic_manager 5
- element_pack 5
- propertyhive 5
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2024-53057 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT In qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed t… | |
| CVE-2024-56631 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Fix slab-use-after-free read in sg_release() Fix a use-after-free bug in sg_release(), detected by syzbot with KASAN: … | |
| CVE-2024-53166 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix bfqq uaf in bfq_limit_depth() Set new allocated bfqq to bic or remove freed bfqq from bic are both protected by b… | |
| CVE-2024-47745 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: mm: call the security_mmap_file() LSM hook in remap_file_pages() The remap_file_pages syscall handler calls do_mmap() directly, w… | |
| CVE-2024-50150 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmode should keep reference to parent The altmode device release refers to its parent device, but without keeping a… | |
| CVE-2024-53059 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() 1. The size of the response packet is not validated. 2. … | |
| CVE-2024-44987 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent UAF in ip6_send_skb() syzbot reported an UAF in ip6_send_skb() [1] After ip6_local_out() has returned, we no longe… | |
| CVE-2024-50127 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: sched: fix use-after-free in taprio_change() In 'taprio_change()', 'admin' pointer may become dangling due to sched switch /… | |
| CVE-2024-50151 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOBs when building SMB2_IOCTL request When using encryption, either enforced by the server or when using 'seal' … | |
| CVE-2024-49930 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix array out-of-bound access in SoC stats Currently, the ath11k_soc_dp_stats::hal_reo_error array is defined with … | |
| CVE-2024-42302 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal Keith reports a use-after-free when a DPC event occurs concurrently… | |
| CVE-2024-57979 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: pps: Fix a use-after-free On a board running ntpd and gpsd, I'm seeing a consistent use-after-free in sys_exit() from gpsd when r… | |
| CVE-2024-57258 | high | 7.8 | 7.8 | 1y ago | Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted squashfs filesystem via sbrk, via request2size, or because ptrdiff_t is mishandled on x86_64. | |
| CVE-2024-12251 | high | 7.8 | 7.8 | 1y ago | In Progress Telerik UI for WinUI versions prior to 2025 Q1 (3.0.0), a command injection attack is possible through improper neutralization of hyperlink elements. | |
| CVE-2024-57951 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: hrtimers: Handle CPU state correctly on hotplug Consider a scenario where a CPU transitions from CPUHP_ONLINE to halfway through … | |
| CVE-2024-50262 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in trie_get_next_key() trie_get_next_key() allocates a node stack with size trie->max_prefixlen, whi… | |
| CVE-2024-27395 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix Use-After-Free in ovs_ct_exit Since kfree_rcu, which is called in the hlist_for_each_entry_rcu traversal of… | |
| CVE-2024-35886 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix infinite recursion in fib6_dump_done(). syzkaller reported infinite recursive calls of fib6_dump_done() during netlink … | |
| CVE-2024-26882 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() Apply the same fix than ones found in : 8d975c15c0cd ("ip6_tun… | |
| CVE-2024-36974 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP If one TCA_TAPRIO_ATTR_PRIOMAP attribute has been provided, taprio_par… | |
| CVE-2024-36940 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable() The "pctldev" struct is allocated in devm_pinctrl_register_and_init(). I… | |
| CVE-2024-35905 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack m… | |
| CVE-2024-43830 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: leds: trigger: Unregister sysfs attributes before calling deactivate() Triggers which have trigger specific sysfs attributes typi… | |
| CVE-2024-26988 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: init/main.c: Fix potential static_command_line memory overflow We allocate memory of size 'xlen + strlen(boot_command_line) + 1' … | |
| CVE-2024-26951 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for dangling peer via is_dead instead of empty list If all peers are removed via wg_peer_remove_all(), … | |
| CVE-2024-26958 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following warning consistently ------------[ cut here ]----… | |
| CVE-2024-26934 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in usb_deauthorize_interface() Among the attribute file callback routines in drivers/usb/core/sysfs.c, th… | |
| CVE-2024-26907 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix fortify source warning while accessing Eth segment ------------[ cut here ]------------ memcpy: detected field-s… | |
| CVE-2024-23307 | high | 7.8 | 7.8 | 2y ago | Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow. | |
| CVE-2024-50246 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add rough attr alloc_size check | |
| CVE-2024-50131 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tracing: Consider the NULL character when validating the event length strlen() returns a string length excluding the null byte. I… | |
| CVE-2024-26961 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mac802154: fix llsec key resources release in mac802154_llsec_key_del mac802154_llsec_key_del() can free resources of a key direc… | |
| CVE-2024-49894 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in degamma hardware format translation Fixes index out of bounds issue in `cm_helper_tra… | |
| CVE-2024-47742 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Block path traversal Most firmware names are hardcoded strings, or are constructed from fairly constrained forma… | |
| CVE-2024-47730 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - inject error before stopping queue The master ooo cannot be completely closed when the accelerator core re… | |
| CVE-2024-47701 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: avoid OOB when system.data xattr changes underneath the filesystem When looking up for an entry in an inlined directory, if… | |
| CVE-2024-47698 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error Ensure index in rtl2832_pid_filter does not exceed 31 to … | |
| CVE-2024-47697 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error Ensure index in rtl2830_pid_filter does not exceed 31 to … | |
| CVE-2024-47696 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency In the commit aee2424246f9 ("RDMA/iwcm: Fix a use-after-free… | |
| CVE-2024-39502 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ionic: fix use after netif_napi_del() When queues are started, netif_napi_add() and napi_enable() are called. If there are 4 queu… | |
| CVE-2024-36978 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: sched: sch_multiq: fix possible OOB write in multiq_tune() q->bands will be assigned to qopt->bands to execute subsequent co… | |
| CVE-2024-46859 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses The panasonic laptop code in various places uses the SINF a… | |
| CVE-2024-46852 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by-one in CMA heap fault handler Until VM_DONTEXPAND was added in commit 1c1914d6e8c6 ("dma-buf: heaps: D… | |
| CVE-2024-46849 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after-free' Buffer 'card->dai_link' is reallocated in 'meson_card_reallocate_links()', so move 'p… | |
| CVE-2024-46830 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS Grab kvm->srcu when processing KVM_SET_VCPU_EVENTS, as KVM will for… | |
| CVE-2024-46821 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix negative array index read Avoid using the negative values for clk_idex as an index into an array pptable->DpmDesc… | |
| CVE-2024-46813 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check link_index before accessing dc->links[] [WHY & HOW] dc->links[] has max size of MAX_LINKS and NULL is retu… | |
| CVE-2024-46812 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration [Why] Coverity reports Memory - illegal accesses. … | |
| CVE-2024-38250 | high | 7.8 | 7.8 | 2y ago | Windows Graphics Component Elevation of Privilege Vulnerability | |
| CVE-2024-43858 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: jfs: Fix array-index-out-of-bounds in diFree | |
| CVE-2024-27065 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not compare internal table flags on updates Restore skipping transaction if table update does not modify… | |
| CVE-2024-40958 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netns: Make get_net_ns() handle zero refcount net Syzkaller hit a warning: refcount_t: addition on 0; use-after-free. WARNING: CP… | |
| CVE-2024-35789 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes When moving a station out of a VLAN and deleting the VLAN afte… | |
| CVE-2024-26852 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() syzbot found another use-after-free in ip6_route_mpath_notify() [1] Com… | |
| CVE-2024-36904 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). Anderson Nascimento reported a use-after-free splat in tcp_twsk_unique() w… | |
| CVE-2024-41000 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: block/ioctl: prefer different overflow check Running syzkaller with the newly reintroduced signed integer overflow sanitizer show… | |
| CVE-2024-38578 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields… | |
| CVE-2024-38552 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential index out of bounds in color transformation function Fixes index out of bounds issue in the color … | |
| CVE-2024-30104 | high | 7.8 | 7.8 | 2y ago | Microsoft Office Remote Code Execution Vulnerability | |
| CVE-2024-27396 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: gtp: Fix Use-After-Free in gtp_dellink Since call_rcu, which is called in the hlist_for_each_entry_rcu traversal of gtp_dell… | |
| CVE-2024-27024 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/rds: fix WARNING in rds_conn_connect_if_down If connection isn't established yet, get_mr() will fail, trigger connection afte… | |
| CVE-2024-26898 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts This patch is against CVE-2023-6270. The description of cve is: … | |
| CVE-2024-26895 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces wilc_netdev_cleanup currently triggers a KASAN warn… | |
| CVE-2024-26885 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix DEVMAP_HASH overflow check on 32-bit arches The devmap code allocates a number hash buckets equal to the next power of t… | |
| CVE-2024-26884 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix hashtab overflow check on 32-bit arches The hashtab code relies on roundup_pow_of_two() to compute the number of hash bu… | |
| CVE-2024-26883 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stackmap overflow check on 32-bit arches The stackmap code relies on roundup_pow_of_two() to compute the number of hash … | |
| CVE-2024-26257 | high | 7.8 | 7.8 | 2y ago | Microsoft Excel Remote Code Execution Vulnerability | |
| CVE-2024-20673 | high | 7.8 | 7.8 | 2y ago | Microsoft Office Remote Code Execution Vulnerability | |
| CVE-2024-1438 | high | 7.7 | 7.7 | 2y ago | Missing Authorization vulnerability in PressFore Rolo Slider. This issue affects Rolo Slider: from n/a through 1.0.9. | |
| CVE-2024-54284 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SeedProd LLC SeedProd Pro allows SQL Injection. This issue affects SeedProd Pro: from n/a through … | |
| CVE-2024-54283 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SeedProd LLC SeedProd Pro allows SQL Injection. This issue affects SeedProd Pro: from n/a through … | |
| CVE-2024-34386 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Lucian Apostol Auto Affiliate Links. This issue affects Auto Affiliate Links: from n/a through 6.4… | |
| CVE-2024-32810 | high | 7.6 | 7.6 | 2y ago | Missing Authorization vulnerability in ShortPixel ShortPixel Critical CSS. This issue affects ShortPixel Critical CSS: from n/a through 1.0.2. | |
| CVE-2024-32693 | high | 7.6 | 7.6 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in ValvePress Automatic. This issue affects Automatic: from n/a before 3.93.0. | |
| CVE-2024-32551 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smartypants SP Project & Document Manager. This issue affects SP Project & Document Manager: from… | |
| CVE-2024-32136 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xenioushk BWL Advanced FAQ Manager. This issue affects BWL Advanced FAQ Manager: from n/a through … | |
| CVE-2024-32135 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPZest Disable Comments \| WPZest. This issue affects Disable Comments \| WPZest: from n/a through 1… | |
| CVE-2024-32134 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nasirahmed Forms to Zapier, Integromat, IFTTT, Workato, Automate.Io, elastic.Io, Built.Io, APIANT… | |
| CVE-2024-32132 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Codeboxr Team CBX Bookmark & Favorite. This issue affects CBX Bookmark & Favorite: from n/a throug… | |
| CVE-2024-32098 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter. This issue affects Advanced Page Visit Counter: fr… | |
| CVE-2024-31356 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Solwin Infotech User Activity Log. This issue affects User Activity Log: from n/a through 1.8. | |
| CVE-2024-31241 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThimPress LearnPress Export Import. This issue affects LearnPress Export Import: from n/a through … | |
| CVE-2024-30494 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 沈唁 OSS Aliyun. This issue affects OSS Aliyun: from n/a through 1.4.10. | |
| CVE-2024-30487 | high | 7.6 | 7.6 | 2y ago | Missing Authorization vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar. This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through 5.… | |
| CVE-2024-25924 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Trustindex.Io WP Testimonials. This issue affects WP Testimonials: from n/a through 1.4.3. | |
| CVE-2024-30237 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Supsystic Slider by Supsystic. This issue affects Slider by Supsystic: from n/a through 1.8.10. | |
| CVE-2024-46508 | high | 7.5 | 7.5 | 20d ago | yeti-platform yeti before 2.1.12 allows attackers to generate valid JWT tokens if the secret is not changed (by setting YETI_AUTH_SECRET_KEY to a value other than SECRET). | |
| CVE-2024-27686 | high | 7.5 | 7.5 | 20d ago | Mikrotik RouterOS (x86) 6.40.5 through 6.49.10 (fixed in 7) allows a remote attacker to cause a denial of service (device crash) via crafted packet data to the SMB service on TCP port 445. | |
| CVE-2024-52911 | high | 7.5 | 7.5 | 23d ago | Bitcoin Core through 28.x has a security issue, the details of which are not disclosed. The earliest affected version is 0.14. | |
| CVE-2024-13971 | high | 7.5 | 7.5 | 28d ago | Unauthenticated attackers can exploit a weakness in the XML parser functionality of Lobster_pro prior to version 4.12.6-GA. This allows them to obtain read access to files on the application server a… | |
| CVE-2024-39847 | high | 7.5 | 7.5 | 28d ago | Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain read access to files on the application server and adja… | |
| CVE-2024-14033 | high | 7.5 | 7.5 | 2mo ago | Hirschmann EagleSDV firmware prior to 05.4.02 contains a denial-of-service vulnerability in TLS session establishment. Attackers can crash the device during TLS handshake by exploiting protocol downg… | |
| CVE-2024-43333 | high | 7.5 | 7.5 | 1y ago | Incorrect Privilege Assignment vulnerability in NotFound Admin and Site Enhancements (ASE) Pro allows Privilege Escalation. This issue affects Admin and Site Enhancements (ASE) Pro: from n/a through … | |
| CVE-2024-56067 | high | 7.5 | 7.5 | 1y ago | Missing Authorization vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP SuperBackup: from n/… | |
| CVE-2024-21548 | high | 7.5 | 7.5 | 2y ago | Bun has an Application-level Prototype Pollution vulnerability in the runtime native API for Glo | |
| CVE-2024-54279 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Tobias Keller WP-NERD Toolkit wp-nerd-toolkit. This issue affects WP-NERD Toolkit: from n/a through <= 1.1. | |
| CVE-2024-53804 | high | 7.5 | 7.5 | 2y ago | Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster wp-mailster allows Retrieve Embedded Sensitive Data. This issue affects WP Mailster: from n/a through <= 1.8.16… | |
| CVE-2024-52481 | high | 7.5 | 7.5 | 2y ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Astoundify Jobify jobify allows Relative Path Traversal. This issue affects Jobify: from n/a through < 4… | |
| CVE-2024-52449 | high | 7.5 | 7.5 | 2y ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Navneil Naicer Bootscraper allows PHP Local File Inclusion. This issue affects Bootscraper: from n/a thr… | |
| CVE-2024-49997 | high | 7.5 | 7.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiq_etop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclo… |