735 matches found
WordPress Themify Builder < 7.5.8 - Open Redirect
The Themify Builder WordPress plugin before version 7.5.8 contains an open redirect vulnerability. The plugin does not validate the tbredirectfail parameter before redirecting users to its value, which could allow attackers to redirect users to malicious websites. id: CVE-2024-3032 info: name:...
Gitea 1.22.0 - Cross-Site Scripting
Gitea 1.22.0 is vulnerable to a Stored Cross-Site Scripting XSS vulnerability. This vulnerability allows an attacker to inject malicious scripts that get stored on the server and executed in the context of another user's session. id: CVE-2024-6886 info: name: Gitea 1.22.0 - Cross-Site Scripting...
Security Bulletin: A security vulnerability in logback-classic-1.3.14.jar affects IBM DevOps Code ClearCase [CVE-2024-12798]
Summary A security vulnerability in logback-classic-1.3.14.jar affects IBM DevOps Code ClearCase CVE-2024-12798 Vulnerability Details CVEID:CVE-2024-12798 DESCRIPTION: ACE vulnerability in JaninoEventEvaluator by QOS.CH logback-core upto including version 0.1 to 1.3.14 and 1.4.0 to 1.5.12 in Java...
app.valuationcontrol:webservice (>=0.5.0 <=0.5.1), ba.sake:deder-publish-example_3 (=0.0.1) +1362 more potentially affected by CVE-2024-4027 via io.undertow:undertow-core (>=2.3.0.Alpha1 <=2.3.20.Final)
io.undertow:undertow-core MAVEN version =2.3.0.Alpha1, =0.5.0, =0.10.0, =0.0.7, =1.1.15, =1.0.6, =1.0.6, =1.0.6, =2.0.1, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =2.1.1 and more Source cves: CVE-2024-4027 Source advisory: OSV:GHSA-33HJ-RCMX-86MV...
Azure Linux 3.0 Security Update: kernel (CVE-2024-46854)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46854 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: dpaa: Pad packets to ETHZLEN When...
Konica Bizhub Multifunction Printers Server-Side Request Forgery (CVE-2024-51981)
An unauthenticated attacker may perform a blind server side request forgery SSRF, due to a CLRF injection issue that can be leveraged to perform HTTP request smuggling. This SSRF leverages the WS-Addressing feature used during a WS-Eventing subscription SOAP operation. The attacker can control al...
CVE-2024-41439
A heap buffer overflow in the function cpblock /vendor/cutepng.h of hicolor v0.5.0 allows attackers to cause a Denial of Service DoS via a crafted PNG file...
CVE-2024-41243
An Incorrect Access Control vulnerability was found in /smsa/viewmarks.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view MARKS details...
CVE-2024-2567
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as problematic, was found in jurecapuder AndroidWeatherApp 1.0.0 on Android. Affected is an unknown function of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup file to a...
CVE-2024-2560
A vulnerability classified as problematic was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function fromSysToolRestoreSet of the file /goform/SysToolRestoreSet. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has bee...
EUVD-2024-3526
Malicious code in bioql PyPI...
EUVD-2024-1224
Malicious code in bioql PyPI...
CVE-2024-26779
creationtimestamp| type| source ---|---|--- 2025-08-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-15...
Linux Distros Unpatched Vulnerability : CVE-2024-27009
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: s390/cio: fix race condition during online processing A race condition exists in...
CBL Mariner 2.0 Security Update: ceph (CVE-2024-48916)
The version of ceph installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-48916 advisory. - Ceph is a distributed object, block, and file storage platform. In versions 19.2.3 and below, it is possible t...
Linux Distros Unpatched Vulnerability : CVE-2024-21490
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear...
Linux Distros Unpatched Vulnerability : CVE-2024-42138
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mlxsw: corelinecards: Fix double memory deallocation in case of invalid INI file In case of...
Linux Distros Unpatched Vulnerability : CVE-2024-26860
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: dm-integrity: fix a memory leak when rechecking the data Memory for the checksums pointer wi...
Linux Distros Unpatched Vulnerability : CVE-2024-38552
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential index out of bounds in color transformation function Fixes...
Linux Distros Unpatched Vulnerability : CVE-2024-26790
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read There is chip ls1028a errata...