CVEs from 2024
Total
6,961
critical
critical 114
high
high 1,032
medium
medium 1,998
low
low 47
% Critical
1.6%
% with KEV
2.3%
% with exploit
2.8%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- glibc 5
- virtual_traffic_manager 5
- element_pack 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-43955 | high | 7.5 | 7.5 | 2y ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themeum Droip allows File Manipulation.This issue affects Droip: from n/a through 1.1.1. | |||
| CVE-2024-41996 | high | 7.5 | 7.5 | 2y ago | Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expe… | |||
| CVE-2024-30101 | high | 7.5 | 7.5 | 2y ago | Microsoft Office Remote Code Execution Vulnerability | |||
| CVE-2024-32715 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import.This issue affects Olive One Click Demo Import: from n/a through 1.1.1. | |||
| CVE-2024-21746 | high | 7.5 | 7.5 | 2y ago | Authentication Bypass by Spoofing vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows Identity Spoofing.This issue affects Wp Ultimate Review: from n/a through <= 2.3.6. | |||
| CVE-2024-35166 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team Filebird.This issue affects Filebird: from n/a through 5.6.3. | |||
| CVE-2024-34559 | high | 7.5 | 7.5 | 2y ago | Insertion of Sensitive Information into Log File vulnerability in Ghost Foundation Ghost.This issue affects Ghost: from n/a through 1.4.0. | |||
| CVE-2024-32724 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Woo product importer Sharkdropship dropshipping for Aliexpress, eBay, Amazon, etsy.This issue affects Sharkdropship dropshipping for Aliexpress, eBay, Amazon, e… | |||
| CVE-2024-32100 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Easy Digital Downloads.This issue affects Easy Digital Downloads: from n/a through 3.2.11. | |||
| CVE-2024-34388 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Scribit GDPR Compliance.This issue affects GDPR Compliance: from n/a through 1.2.5. | |||
| CVE-2024-33594 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Leaky Paywall.This issue affects Leaky Paywall: from n/a through 4.20.8. | |||
| CVE-2024-33591 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Tips and Tricks HQ Easy Accept Payments.This issue affects Easy Accept Payments: from n/a through 4.9.10. | |||
| CVE-2024-33635 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Piotnet Piotnet Addons For Elementor Pro.This issue affects Piotnet Addons For Elementor Pro: from n/a through 7.1.17. | |||
| CVE-2024-33597 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in ProFaceOff SSU.This issue affects SSU: from n/a through 1.5.0. | |||
| CVE-2024-33637 | high | 7.5 | 7.5 | 2y ago | Insertion of Sensitive Information into Log File vulnerability in Solid Plugins Solid Affiliate.This issue affects Solid Affiliate: from n/a through 1.9.1. | |||
| CVE-2024-32953 | high | 7.5 | 7.5 | 2y ago | Insertion of Sensitive Information into Log File vulnerability in Newsletters.This issue affects Newsletters: from n/a through 4.9.5. | |||
| CVE-2024-32816 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PickPlugins Post Grid.This issue affects Post Grid: from n/a through 2.2.78. | |||
| CVE-2024-32781 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ThemeHigh Email Customizer for WooCommerce.This issue affects Email Customizer for WooCommerce: from n/a through 2.6.0. | |||
| CVE-2024-32726 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in vinoth06. Frontend Dashboard.This issue affects Frontend Dashboard: from n/a through 2.2.2. | |||
| CVE-2024-32684 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Wpmet Wp Ultimate Review.This issue affects Wp Ultimate Review: from n/a through 2.2.5. | |||
| CVE-2024-32683 | high | 7.5 | 7.5 | 2y ago | Authorization Bypass Through User-Controlled Key vulnerability in Wpmet Wp Ultimate Review.This issue affects Wp Ultimate Review: from n/a through 2.2.5. | |||
| CVE-2024-32086 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AitThemes Citadela Listing.This issue affects Citadela Listing: from n/a through 5.18.1. | |||
| CVE-2024-31343 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through 4.… | |||
| CVE-2024-31358 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Saleswonder Team: Tobias 5 Stars Rating Funnel 5-stars-rating-funnel.This issue affects 5 Stars Rating Funnel: from n/a through <= 1.2.67. | |||
| CVE-2024-31298 | high | 7.5 | 7.5 | 2y ago | Insertion of Sensitive Information into Log File vulnerability in Joel Hardi User Spam Remover.This issue affects User Spam Remover: from n/a through 1.0. | |||
| CVE-2024-31259 | high | 7.5 | 7.5 | 2y ago | Insertion of Sensitive Information into Log File vulnerability in Searchiq SearchIQ.This issue affects SearchIQ: from n/a through 4.5. | |||
| CVE-2024-31254 | high | 7.5 | 7.5 | 2y ago | Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration.This issue affects WordPress Backup & Migration: from n/a through 1.4.7. | |||
| CVE-2024-31249 | high | 7.5 | 7.5 | 2y ago | Insertion of Sensitive Information into Log File vulnerability in WPKube Subscribe To Comments Reloaded.This issue affects Subscribe To Comments Reloaded: from n/a through 220725. | |||
| CVE-2024-31247 | high | 7.5 | 7.5 | 2y ago | Insertion of Sensitive Information into Log File vulnerability in Frédéric GILLES FG Drupal to WordPress.This issue affects FG Drupal to WordPress: from n/a through 3.70.3. | |||
| CVE-2024-31245 | high | 7.5 | 7.5 | 2y ago | Insertion of Sensitive Information into Log File vulnerability in ConvertKit.This issue affects ConvertKit: from n/a through 2.4.5. | |||
| CVE-2024-30533 | high | 7.5 | 7.5 | 2y ago | Unrestricted Upload of File with Dangerous Type vulnerability in Techeshta Layouts for Elementor.This issue affects Layouts for Elementor: from n/a before 1.8. | |||
| CVE-2024-24832 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Metagauss EventPrime.This issue affects EventPrime: from n/a through 3.3.9. | |||
| CVE-2024-25903 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in N-Media Frontend File Manager.This issue affects Frontend File Manager: from n/a through 22.7. | |||
| CVE-2024-25591 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Benjamin Rojas WP Editor.This issue affects WP Editor: from n/a through 1.2.7. | |||
| CVE-2024-25933 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice.This issue affects PeproDev Ultimate Invoice: from n/a through 1.9.7. | |||
| CVE-2024-24867 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Osamaesh WP Visitor Statistics (Real Time Traffic).This issue affects WP Visitor Statistics (Real Time Traffic): from n/a t… | |||
| CVE-2024-2318 | high | 7.5 | 7.5 | 2y ago | A vulnerability was found in ZKTeco ZKBio Media 2.0.0_x64_2024-01-29-1028. It has been classified as problematic. Affected is an unknown function of the file /pro/common/download of the component Ser… | |||
| CVE-2024-22141 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Cozmoslabs Profile Builder Pro.This issue affects Profile Builder Pro: from n/a through 3.10.0. | |||
| CVE-2024-22154 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SNP Digital SalesKing.This issue affects SalesKing: from n/a through 1.6.15. | |||
| CVE-2024-22301 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ignazio Scimone Albo Pretorio On line.This issue affects Albo Pretorio On line: from n/a through 4.6.6. | |||
| CVE-2024-22294 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in IP2Location IP2Location Country Blocker.This issue affects IP2Location Country Blocker: from n/a through 2.33.3. | |||
| CVE-2024-0241 | high | 7.5 | 7.5 | 3y ago | encoded_id-rails potential DOS vulnerability due to URIs with extremely long encoded IDs | |||
| CVE-2024-27052 | high | 7.4 | 7.4 | 2y ago | RHSA-2024:3627: kernel-rt security and bug fix update (Moderate) | |||
| CVE-2024-33602 | high | 7.4 | 7.4 | 2y ago | RHSA-2024:3344: glibc security update (Important) | |||
| CVE-2024-55045 | high | 7.3 | 7.3 | 17d ago | Firmament-Autopilot FMT-Firmware commit de5aec was discovered to contain a buffer overflow via the task_mavobc_entry function at /comm/task_comm.c. | |||
| CVE-2024-46507 | high | 7.3 | 7.3 | 22d ago | A SSTI (server side template injection) vulnerability in the custom template export function in yeti-platform yeti before 2.1.12 allows attackers to execute code on the application server. | |||
| CVE-2024-33288 | high | 7.3 | 7.3 | 22d ago | Prison Management System Using PHP v1.0 was discovered to contain a SQL injection vulnerability via the username on the Admin login page. | |||
| CVE-2024-42093 | high | 7.3 | 7.3 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/dpaa2: Avoid explicit cpumask var allocation on stack For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask va… | |||
| CVE-2024-33601 | high | 7.3 | 7.3 | 2y ago | RHSA-2024:3344: glibc security update (Important) | |||
| CVE-2024-56462 | high | 7.2 | 7.2 | 3d ago | IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a malicious backup archive that could be restored and used to gain access to the underlying operating syste… | |||
| CVE-2024-11620 | high | 7.2 | 7.2 | 2y ago | Improper Control of Generation of Code ('Code Injection') vulnerability in Rank Math SEO Rank Math SEO seo-by-rank-math allows Code Injection.This issue affects Rank Math SEO: from n/a through <= 1.0… | |||
| CVE-2024-34440 | high | 7.2 | 7.2 | 2y ago | Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.2.63. | |||
| CVE-2024-34433 | high | 7.2 | 7.2 | 2y ago | Deserialization of Untrusted Data vulnerability in OCDI One Click Demo Import.This issue affects One Click Demo Import: from n/a through 3.2.0. | |||
| CVE-2024-33911 | high | 7.2 | 7.2 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Weblizar School Management Pro.This issue affects School Management Pro: from n/a through 10.3.4. | |||
| CVE-2024-32602 | high | 7.2 | 7.2 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency.This issue affects WooCommerce Multilingu… | |||
| CVE-2024-32431 | high | 7.2 | 7.2 | 2y ago | Deserialization of Untrusted Data vulnerability in WP All Import Import Users from CSV.This issue affects Import Users from CSV: from n/a through 1.2. | |||
| CVE-2024-32087 | high | 7.2 | 7.2 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExportFeed.Com Product Feed on WooCommerce for Google.This issue affects Product Feed on WooComme… | |||
| CVE-2024-31308 | high | 7.2 | 7.2 | 2y ago | Deserialization of Untrusted Data vulnerability in VJInfotech WP Import Export Lite.This issue affects WP Import Export Lite: from n/a through 3.9.26. | |||
| CVE-2024-31292 | high | 7.2 | 7.2 | 2y ago | Unrestricted Upload of File with Dangerous Type vulnerability in Moove Agency Import XML and RSS Feeds.This issue affects Import XML and RSS Feeds: from n/a through 2.1.5. | |||
| CVE-2024-31288 | high | 7.2 | 7.2 | 2y ago | Server-Side Request Forgery (SSRF) vulnerability in RapidLoad RapidLoad Power-Up for Autoptimize.This issue affects RapidLoad Power-Up for Autoptimize: from n/a through 2.2.11. | |||
| CVE-2024-31260 | high | 7.2 | 7.2 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WisdmLabs Edwiser Bridge.This issue affects Edwiser Bridge: from n/a through 3.0.2. | |||
| CVE-2024-27951 | high | 7.2 | 7.2 | 2y ago | Unrestricted Upload of File with Dangerous Type vulnerability in Themeisle Multiple Page Generator Plugin – MPG allows Upload a Web Shell to a Web Server.This issue affects Multiple Page Generator Pl… | |||
| CVE-2024-31116 | high | 7.2 | 7.2 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 10Web 10Web Map Builder for Google Maps.This issue affects 10Web Map Builder for Google Maps: fro… | |||
| CVE-2024-30504 | high | 7.2 | 7.2 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Travel Engine.This issue affects WP Travel Engine: from n/a through 5.7.9. | |||
| CVE-2024-30501 | high | 7.2 | 7.2 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.9.4. | |||
| CVE-2024-30495 | high | 7.2 | 7.2 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Faboba Falang multilanguage.This issue affects Falang multilanguage: from n/a through 1.3.47. | |||
| CVE-2024-30478 | high | 7.2 | 7.2 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bulletin WordPress Announcement & Notification Banner Plugin – Bulletin.This issue affects WordPr… | |||
| CVE-2024-29100 | high | 7.2 | 7.2 | 2y ago | Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.1.4. | |||
| CVE-2024-30231 | high | 7.2 | 7.2 | 2y ago | Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Product Import Export for WooCommerce.This issue affects Product Import Export for WooCommerce: from n/a through 2.4.1. | |||
| CVE-2024-25902 | high | 7.2 | 7.2 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in miniorange Malware Scanner.This issue affects Malware Scanner: from n/a through 4.7.2. | |||
| CVE-2024-24714 | high | 7.2 | 7.2 | 2y ago | Unrestricted Upload of File with Dangerous Type vulnerability in bPlugins LLC Icons Font Loader.This issue affects Icons Font Loader: from n/a through 1.1.4. | |||
| CVE-2024-22147 | high | 7.2 | 7.2 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Overnight PDF Invoices & Packing Slips for WooCommerce.This issue affects PDF Invoices & Packi… | |||
| CVE-2024-22152 | high | 7.2 | 7.2 | 2y ago | Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Product Import Export for WooCommerce.This issue affects Product Import Export for WooCommerce: from n/a through 2.3.7. | |||
| CVE-2024-22135 | high | 7.2 | 7.2 | 2y ago | Unrestricted Upload of File with Dangerous Type vulnerability in WebToffee Order Export & Order Import for WooCommerce.This issue affects Order Export & Order Import for WooCommerce: from n/a through… | |||
| CVE-2024-58014 | high | 7.1 | 7.1 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() In 'wlc_phy_iqcal_gainparams_nphy()', add gain range chec… | |||
| CVE-2024-50301 | high | 7.1 | 7.1 | 8mo ago | RHSA-2025:9581: kernel-rt security update (Moderate) | |||
| CVE-2024-57929 | high | 7.1 | 7.1 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: dm array: fix releasing a faulty array block twice in dm_array_cursor_end When dm_bm_read_lock() fails due to locking or checksum… | |||
| CVE-2024-50033 | high | 7.1 | 7.1 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: slip: make slhc_remember() more robust against malicious packets syzbot found that slhc_remember() was missing checks against mal… | |||
| CVE-2024-50035 | high | 7.1 | 7.1 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ppp: fix ppp_async_encode() illegal access syzbot reported an issue in ppp_async_encode() [1] In this case, pppoe_sendmsg() is c… | |||
| CVE-2024-35967 | high | 7.1 | 7.1 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix not validating setsockopt user input syzbot reported sco_sock_setsockopt() is copying data without checking u… | |||
| CVE-2024-35965 | high | 7.1 | 7.1 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix not validating setsockopt user input Check user input length before copying data. | |||
| CVE-2024-46743 | high | 7.1 | 7.1 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: of/irq: Prevent device address out-of-bounds read in interrupt map walk When of_irq_parse_raw() is invoked with a device address … | |||
| CVE-2024-35966 | high | 7.1 | 7.1 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: Fix not validating setsockopt user input syzbot reported rfcomm_sock_setsockopt_old() is copying data without … | |||
| CVE-2024-42094 | high | 7.1 | 7.1 | 1y ago | RHSA-2024:7000: kernel security update (Important) | |||
| CVE-2024-42292 | high | 7.1 | 7.1 | 1y ago | RHSA-2024:8870: kernel-rt security update (Moderate) | |||
| CVE-2024-49300 | high | 7.1 | 7.1 | 1y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows Reflected XSS. This issue affec… | |||
| CVE-2024-56014 | high | 7.1 | 7.1 | 1y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Markyis Cool Olivia allows Reflected XSS.This issue affects Olivia: from n/a through 0.9.5. | |||
| CVE-2024-56026 | high | 7.1 | 7.1 | 1y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Greg – SiteOrigin Simple Proxy simple-proxy allows Reflected XSS.This issue affects Simple Proxy:… | |||
| CVE-2024-12582 | high | 7.1 | 7.1 | 1y ago | A flaw was found in the skupper console, a read-only interface that renders cluster network, traffic details, and metrics for a network application that a user sets up across a hybrid multi-cloud en… | |||
| CVE-2024-56017 | high | 7.1 | 7.1 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Tom Royal Stop Registration Spam allows Stored XSS.This issue affects Stop Registration Spam: from n/a through 1.23. | |||
| CVE-2024-54257 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Molefed allows Reflected XSS.This issue affects tydskrif: from n/a through 1.1.3. | |||
| CVE-2024-54249 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jules Colle Advanced Options Editor allows Reflected XSS.This issue affects Advanced Options Edit… | |||
| CVE-2024-56015 | high | 7.1 | 7.1 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in John Godley Tidy Up allows Reflected XSS.This issue affects Tidy Up: from n/a through 1.3. | |||
| CVE-2024-53821 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Genetech Pie Register Premium allows Reflected XSS.This issue affects Pie Register Premium: from … | |||
| CVE-2024-52452 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eduNEXT Open edX LMS allows Reflected XSS.This issue affects Open edX LMS: from n/a through 2.6.1. | |||
| CVE-2024-53750 | high | 7.1 | 7.1 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Maeve Lander PayPal Responder allows Stored XSS.This issue affects PayPal Responder: from n/a through 1.2. | |||
| CVE-2024-38635 | high | 7.1 | 7.1 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumably to skip the PDI0 and PDI1 whi… | |||
| CVE-2024-10676 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wojciechborowicz Conversion Helper conversion-helper allows Reflected XSS.This issue affects Conv… | |||
| CVE-2024-49678 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jinwen js allows Reflected XSS.This issue affects js paper: from n/a through 2.5.7. | |||
| CVE-2024-49900 | high | 7.1 | 7.1 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of new_ea in ea_buffer syzbot reports that lzo1x_1_do_compress is using uninit-value: =============… |