Slándáil Research:
Feeds
Feeds
Search
Search Engine
Feed: Vuldb Latest
Link
CVE-2024-1959 | Social Sharing Plugin Plugin up to 4.4.6.1 on WordPress Shortcode cross site scripting
CVE-2024-3665 | Rank Math SEO with AI SEO Tools Plugin up to 1.0.216 on WordPress titleWrapper cross site scripting
CVE-2024-3491 | Schema & Structured Data for WP & AMP Plugin up to 1.29 on WordPress How To/FAQ Block cross site scripting
CVE-2024-2477 | wpDiscuz Plugin up to 7.6.15 on WordPress Image Alternative Text cross site scripting
CVE-2024-3732 | GeoDirectory Plugin up to 2.3.48 on WordPress Shortcode gd_single_tabs cross site scripting
CVE-2024-2493 | Hitachi Ops Center Analyzer up to 11.0.0 missing secure attribute (sec-2024-122)
CVE-2023-6833 | Hitachi Ops Center Administrator up to 11.0.0 log file (sec-2024-121)
CVE-2024-29368 | moziloCMS 2.0 POST Request unrestricted upload
CVE-2024-2760 | Bkav Home v7816 Build 2403161130 IOCTL BkavSDFlt.sys memory leak
CVE-2024-1241 | Watchdog Antivirus 1.6.415 IOCTL wsdk-driver.sys null pointer dereference
CVE-2024-27574 | Trainme Academy 1.3.2 informacion/idcurso/tit sql injection
CVE-2024-32657 | NixOS Hydra up to 23.10 ISO File cross site scripting (GHSA-2p75-6g9f-pqgx)
CVE-2024-31036 | NanoMQ 0.21.7 Hexstreams read_byte heap-based overflow (Issue 1722)
CVE-2024-31857 | WPMU Forminator Plugin up to 1.15.3 on WordPress cross site scripting
CVE-2024-21511 | mysql2 up to 3.9.6 readCodeFor timezone code injection (SNYK-JS-MYSQL2-6670046)
CVE-2024-28890 | WPMU Forminator Plugin up to 1.28.x on WordPress unrestricted upload
CVE-2024-32041 | FreeRDP up to 2.11.5/3.4.x out-of-bounds (GHSA-5r4p-mfx2-m44r)
CVE-2024-32040 | FreeRDP up to 2.11.5/3.4.x NSC Codec integer underflow (GHSA-23c5-cp23-h2h5)
CVE-2024-32458 | FreeRDP up to 2.11.5/3.4.x out-of-bounds (GHSA-vvr6-h646-mp4p)
CVE-2024-32394 | Ruijie RG-RSR10-01G-T 3.0 HTTP Request Privilege Escalation
CVE-2024-32459 | FreeRDP up to 2.11.5/3.4.x out-of-bounds (GHSA-cp4q-p737-rmw9)
CVE-2024-32460 | FreeRDP up to 2.11.5/3.4.x Legacy GDI out-of-bounds (GHSA-4rr8-gr65-vqrr)
CVE-2024-32653 | skylot jadx up to 1.4.x Package Name input validation (GHSA-3pp3-hg2q-9gpm)
CVE-2024-32039 | FreeRDP up to 2.11.5/3.4.x /gfx integer overflow (GHSA-q5h8-7j42-j4r9)
CVE-2024-31077 | WPMU Forminator Plugin up to 1.29.2 on WordPress sql injection
CVE-2024-3677 | Ultimate 410 Gone Status Code Plugin up to 1.1.4 on WordPress cross site scripting
CVE-2024-3715 | Database for Contact Form 7, WPforms, Elementor Forms cross site scripting
CVE-2024-3664 | Quick Featured Images Plugin up to 13.7.0 on WordPress Thumbnail authorization
CVE-2024-32238 | H3C ER8300G2-X Management System Page Login Interface access control
CVE-2024-3985 | Exclusive Addons for Elementor Plugin up to 2.6.9.4 on WordPress Call to Action cross site scripting
CVE-2024-2750 | Exclusive Addons for Elementor Plugin up to 2.6.9.3 on WordPress Button Widget cross site scripting
CVE-2024-3338 | Colibri Page Builder Plugin up to 1.0.262 on WordPress cross site scripting
CVE-2024-3889 | Royal Elementor Addons and Templates Plugin up to 1.3.971 on WordPress Advanced Accordion Title Tags cross site scripting
CVE-2024-2799 | Royal Elementor Addons and Templates Plugin up to 1.3.971 on WordPress HTML Tag cross site scripting
CVE-2024-2798 | Royal Elementor Addons and Templates Plugin up to 1.3.971 on WordPress cross site scripting
CVE-2024-3489 | Exclusive Addons for Elementor Plugin up to 2.6.9.4 on WordPress Countdown Expired Title cross site scripting
CVE-2024-3337 | Colibri Page Builder Plugin up to 1.0.272 on WordPress Shortcode colibri_breadcrumb_element cross site scripting
CVE-2024-3340 | Colibri Page Builder Plugin up to 1.0.272 on WordPress Shortcode colibri-gallery-slideshow cross site scripting
CVE-2024-3546 | Backup & Migration Plugin up to 1.4.8 on WordPress authorization
CVE-2024-32479 | LibreNMS Service Template Name cross site scripting
CVE-2024-32656 | antmedia ant-media-server authorization
CVE-2024-32461 | LibreNMS sql injection
CVE-2024-32480 | LibreNMS sql injection
CVE-2024-29376 | Sylius 1.12.13 Address Book Province cross site scripting
CVE-2024-31545 | Computer Laboratory Management System 1.0 id sql injection
CVE-2024-32407 | Relate Learning And Teaching System prior 2024.1 Page Sandbox Privilege Escalation
CVE-2024-32399 | RaidenMAILD Mail Server up to 4.9.4 /webeditor/ path traversal
CVE-2024-32405 | Relate Learning And Teaching System prior 2024.1 Exam InlineMultiQuestion cross site scripting
CVE-2024-31666 | flusity CMS 2.33 edit_addon_post.php Privilege Escalation
CVE-2022-46897 | Insyde InsydeH2O up to 5.5 CapsuleIFWUSmm Driver return value
CVE-2024-28436 | D-Link DAP-3662 session_login.php reload cross site scripting
CVE-2023-38292 | TCL 20XE access control
CVE-2023-38294 | Itel Vision 3 Turbo Android access control
CVE-2023-38293 | Nokia C100/C200 command injection
CVE-2023-38290 | Sharp Rouvo V access control
CVE-2023-38297 | T-Mobile Device command injection
CVE-2023-38295 | TCL 30Z/10 access control
CVE-2022-35503 | Open Source MANO up to 12 Virtual Network Function Remote Code Execution
CVE-2023-38302 | Sharp Rouvo V information disclosure
CVE-2023-38300 | Orbic Maui RC545L/ORB545L information disclosure
CVE-2023-38299 | AT&T/Nokia Devices information disclosure
CVE-2023-38298 | TCL 30Z/A3X/20XE/10L information disclosure
CVE-2023-38296 | TCL 30Z/A3X information disclosure
CVE-2023-38301 | Motorola Device information disclosure
CVE-2023-38291 | TCL/Motorola Device ro.boot.wifimacaddr information disclosure
CVE-2024-28699 | pdf2json 0.70 ImgOutputDev buffer overflow
CVE-2022-34560 | PHPFox 4.8.9 History cross site scripting
CVE-2024-32368 | Agasta Sanketlife 2.0 Pocket 12-Lead ECG Monitor 3.0 Bluetooth Low Energy denial of service
CVE-2022-34561 | PHPFox 4.8.9 video description cross site scripting
CVE-2022-34562 | PHPFox 4.8.9 Status Box cross site scripting
CVE-2024-27348 | Apache HugeGraph-Server up to 1.2.x RESTful-API Privilege Escalation
CVE-2024-3293 | rtMedia for BuddyPress and bbPress Plugin up to 4.6.18 on WordPress rtmedia_gallery sql injection
CVE-2024-22815 | Tormach xsTECH CNC Router 2.9.6 Commands denial of service
CVE-2024-29661 | DedeCMS 5.7 unrestricted upload
CVE-2024-4026 | Holded Application up to 4.19.x General/Team ID cross site scripting
CVE-2024-22811 | Tormach xsTECH CNC Router 2.9.6 Hostmot2 Configuration Cookie denial of service
CVE-2024-22807 | Tormach xsTECH CNC Router 2.9.6 denial of service
CVE-2024-22808 | Tormach xsTECH CNC Router 2.9.6 Name denial of service
CVE-2024-22809 | Tormach xsTECH CNC Router 2.9.6 Shared Folder information disclosure
CVE-2024-22813 | Tormach xsTECH CNC Router 2.9.6 IP Address denial of service
CVE-2024-27349 | Apache HugeGraph-Server up to 1.2.x RESTful-API authentication spoofing
CVE-2024-27347 | Apache HugeGraph-Hubble up to 1.2.x Hubble Connection Page server-side request forgery
CVE-2024-32682 | BdThemes Prime Slider Plugin up to 3.13.2 on WordPress authorization
CVE-2024-32681 | BdThemes Prime Slider Plugin up to 3.13.2 on WordPress authorization
CVE-2024-32688 | Long Watch Studio MyRewards Plugin up to 5.3.0 on WordPress authorization
CVE-2024-32684 | Wpmet Wp Ultimate Review Plugin up to 2.2.5 on WordPress authorization
CVE-2024-28717 | OpenStack Storlets yoga-eom gateway.py stack-based overflow
CVE-2024-32691 | realmag777 Active Products Tables for WooCommerce Plugin up to 1.0.6.2 on WordPress authorization
CVE-2024-22856 | Axefinance Axe Credit Portal 3.0 Save Favorite Search sql injection
CVE-2024-32687 | WPClever WPC Frequently Bought Together for WooCommerce Plugin authorization
CVE-2024-32693 | ValvePress Automatic Plugin up to 3.92.x on WordPress cross-site request forgery
CVE-2024-32696 | QuantumCloud Infographic Maker Plugin up to 4.6.6 on WordPress cross site scripting
CVE-2024-32695 | Marco Gasi Language Switcher for Transposh Plugin up to 1.5.9 on WordPress cross site scripting
CVE-2024-32698 | Leevio Happy Addons for Elementor Plugin up to 3.10.4 on WordPress cross site scripting
CVE-2024-32694 | Creative Interactive Media 3D FlipBook, PDF Viewer, PDF Embedder Plugin up to 3.62 on WordPress cross site scripting
CVE-2024-32690 | Fahad Mahmood RSS Feed Widget Plugin up to 2.9.7 on WordPress cross site scripting
CVE-2024-32697 | HelloAsso Plugin up to 1.1.5 on WordPress cross site scripting
CVE-2023-7252 | Tickera Plugin up to 3.5.2.4 on WordPress Ticket authorization
CVE-2024-30799 | PX4 Autopilot up to 1.14 Breach Return Point Privilege Escalation (Issue 22428)
CVE-2024-28722 | Innovaphone PBX 12r2/13r3/14r1 /CMD0/xml_modes.xml query cross site scripting
CVE-2024-32418 | flusity CMS 2.33 add_addon.php Privilege Escalation
CVE-2018-25101 | l2c2technologies Koha up to 20180108 opac-MARCdetail.pl biblionumber cross site scripting
CVE-2015-10132 | Thimo Grauerholz WP-Spreadplugin up to 3.8.6.1 on WordPress spreadplugin.php cross site scripting
VDB-261675 | Backdoor.Win32.Dumador.c FTP Server stack-based overflow
CVE-2024-4022 | Keenetic KN-1010/KN-1410/KN-1711/KN-1810/KN-1910 up to 4.1.2.15 Version Data /version.js information disclosure
CVE-2024-4021 | Keenetic KN-1010/KN-1410/KN-1711/KN-1810/KN-1910 up to 4.1.2.15 Configuration Setting /ndmComponents.js information disclosure
CVE-2024-1730 | bdthemes Prime Slider Plugin up to 3.14.0 on WordPress link cross site scripting
CVE-2024-4020 | Tenda FH1206 1.2.0.8(8155) /goform/addressNat fromAddressNat entrys buffer overflow
CVE-2024-1993 | Icon Widget Plugin up to 1.3.0 on WordPress Shortcode cross site scripting
CVE-2024-1567 | Royal Elementor Addons and Templates Plugin up to 1.3.94 on WordPress unrestricted upload
CVE-2024-4014 | hCaptcha Plugin up to 4.0.0 on WordPress cf7-hcaptcha Shortcode cross site scripting
CVE-2024-31994 | Mealie up to 1.3.x resource consumption (GHSL-2023-225)
CVE-2024-4019 | Byzoro Smart S80 Management Platform up to 20240411 /importhtml.php sql deserialization
CVE-2023-50186 | GStreamer AV1 Video Parser stack-based overflow
CVE-2024-30974 | Autoexpress 1.3.0 carId sql injection
CVE-2024-22905 | ARM Mbed OS 6.17.0 hciTrSerialRxIncoming buffer overflow
CVE-2024-31993 | Mealie up to 1.3.x scrape_image server-side request forgery (GHSL-2023-225)
CVE-2024-32391 | MacCMS 10 v.2024.1000.3000 cross site scripting
CVE-2024-31584 | PyTorch up to 2.1.x flatbuffer_loader.cpp out-of-bounds
CVE-2024-4018 | BeyondTrust U-Series Appliance up to 4.0.2 on 64-bit Win API privileges management
CVE-2024-32392 | CmSimple 5.15 functions.php cross site scripting
CVE-2023-47435 | hexo-theme-matery 2.0.0 verifyPassword improper authentication (Issue 897)
CVE-2024-31991 | Mealie up to 1.3.x safe_scrape_html server-side request forgery (GHSL-2023-225)
CVE-2024-4017 | BeyondTrust U-Series Appliance up to 4.0.2 on 64-bit Win privileges management
CVE-2024-1681 | corydolphin flask-cors GET neutralization for logs
CVE-2024-32652 | honojs node-server up to 1.10.0 exceptional condition (ID 159)
CVE-2024-31450 | Owncast up to 0.1.2 Administrator API /api/admin path traversal (GHSL-2023-277)
CVE-2024-31992 | Mealie up to 1.3.x safe_scrape_html resource consumption (GHSL-2023-225)
CVE-2024-2417 | User Registration Plugin up to 3.1.5 on WordPress authorization
CVE-2024-3287 | SmartCrawl SEO Checker Plugin up to 3.10.2 on WordPress authorization
CVE-2024-3581 | MaxGalleria Plugin up to 6.4.2 on WordPress authorization
CVE-2024-3729 | DynamiApps Frontend Admin Plugin up to 3.19.4 on WordPress missing encryption
CVE-2024-31552 | CuteHttpFileServer 3.1 information disclosure
CVE-2023-51796 | FFmpeg libavfilter/f_reverse.c areverse_request_frame buffer overflow (ID 10753)
CVE-2023-51797 | FFmpeg avf_showwaves.c showwaves_filter_frame buffer overflow (ID 10756)
CVE-2023-51793 | FFmpeg libavutil/imgutils.c image_copy_plane buffer overflow (ID 10743)
CVE-2023-49963 | DYMO LabelWriter Print Server up to 2.366 hard-coded password
CVE-2024-32409 | SEMCMS 4.8 cross site scripting
CVE-2024-31841 | Italtel Embrace 1.6.4 Web Server information disclosure
CVE-2024-29183 | Baidu OpenRASP up to 1.3.7 /login redirect cross site scripting
CVE-2024-27752 | CSZ CMS 1.3.0 settings Default Keyword cross site scripting
CVE-2024-22640 | TCPDF up to 6.6.5 HTML Page redos
CVE-2023-51791 | FFmpeg N113007-g8d24a28d06 jpegxl_parser.c gen_alias_map buffer overflow (ID 10738)
CVE-2023-51792 | libde265 1.0.12 denial of service (ID 427)
CVE-2024-31587 | SecuSTATION Camera up to 2.5.5.3116-S50-SMA-B20160811A Configuration information disclosure
CVE-2024-31846 | Italtel Embrace 1.6.4 Web Application improper authorization
CVE-2024-29029 | usememos up to 0.13.2 /o/get/image server-side request forgery (GHSL-2023-154)
CVE-2024-3684 | GitHub Enterprise Server up to 3.9.12/3.10.9/3.11.7/3.12.1 server-side request forgery
CVE-2023-50010 | FFmpeg 6.1-3-g466799d4f5 /fftools/ffmpeg_enc.c set_encoder_id buffer overflow (ID 10702)
CVE-2023-50008 | FFmpeg 6.1-3-g466799d4f5 libavutil/mem.c av_malloc buffer overflow (ID 10701)
CVE-2023-37397 | IBM Aspera Faspex up to 5.0.7 certificate validation (XFDB-259672)
CVE-2022-40745 | IBM Aspera Faspex up to 5.0.7 inadequate encryption (XFDB-236452)
CVE-2023-37396 | IBM Aspera Faspex up to 5.0.7 cleartext storage (XFDB-259671)
CVE-2023-22869 | IBM Aspera Faspex up to 5.0.7 log file (XFDB-244119)
CVE-2024-32206 | WUZHICMS 4.1.0 \affiche\admin\index.php formdata cross site scripting
CVE-2024-2440 | GitHub Enterprise Server up to 3.9.12/3.10.9/3.11.7/3.12.0 GraphQL Mutation toctou
CVE-2024-32650 | Rustls complete_io infinite loop (GHSA-6g7w-8wpp-frhj)
CVE-2024-3470 | GitHub Enterprise Server up to 3.11.17/3.12.1 privileges management
CVE-2024-3646 | GitHub Enterprise Server up to 3.9.12/3.10.9/3.11.7/3.12.1 Management Console input validation
CVE-2024-29030 | usememos up to 0.13.2 /api/resource server-side request forgery (GHSL-2023-154)
CVE-2024-29028 | usememos up to 0.16.0 /o/get/httpmeta server-side request forgery
CVE-2024-32038 | Wazuh up to 4.7.1 wazuh-analysisd heap-based overflow (GHSA-fcpw-v3pg-c327)
CVE-2023-49275 | Wazuh up to 4.7.0 cJSON_GetObjectItem null pointer dereference (GHSA-4mq7-w9r6-9975)
CVE-2023-50260 | Wazuh up to 4.7.1 bin code injection (GHSA-mjq2-xf8g-68vw)
CVE-2024-31547 | Computer Laboratory Management System 1.0 view_item.php id sql injection
CVE-2024-31546 | Computer Laboratory Management System 1.0 view_damage.php id sql injection
CVE-2023-51798 | FFmpeg N113007-g8d24a28d06 vf_minterpolate.c interpolate buffer overflow (ID 10758)
CVE-2024-32478 | git-ecosystem git-credential-manager up to 2.4.x permission assignment (GHSA-3c3g-h9rx-f7vq)
CVE-2023-51795 | FFmpeg N113007-g8d24a28d06 avf_showspectrum.c showspectrumpic_request_frame buffer overflow (ID 10749)
CVE-2023-27279 | IBM Aspera Faspex up to 5.0.7 API improper control of interaction frequency (XFDB-248533)
CVE-2023-49502 | FFmpeg 6.1-3-g466799d4f5 libavfilter/bwdifdsp.c ff_bwdif_filter_intra_c buffer overflow (ID 10688)
CVE-2023-50009 | FFmpeg 6.1-3-g466799d4f5 edge_template.c ff_gaussian_blur_8 buffer overflow (ID 10699)
CVE-2023-50007 | FFmpeg 6.1-3-g466799d4f5 thelibavutil/samplefmt.c theav_samples_set_silence buffer overflow (ID 10700)
CVE-2024-32644 | Evmos up to 16.x improper synchronization (GHSA-3fp5-2xwh-fxm6)
CVE-2023-49501 | FFmpeg 6.1-3-g466799d4f5 asrc_afirsrc.c config_eq_output buffer overflow (ID 10686)
CVE-2024-29991 | Microsoft Edge prior 124.0.2478.51 code injection
CVE-2023-37400 | IBM Aspera Faspex up to 5.0.7 insufficiently protected credentials (XFDB-259677)
CVE-2024-3724 | Happy Addons for Elementor Plugin up to 3.10.5 on WordPress Image Stack Group cross site scripting
CVE-2024-3891 | Happy Addons for Elementor Plugin up to 3.10.5 on WordPress HTML Tag cross site scripting
CVE-2024-1057 | ShopLentor Plugin up to 2.8.1 on WordPress cross site scripting
CVE-2024-32166 | Webid 1.2.1 Buy Now resource injection
CVE-2024-31744 | jasper up to 4.2.2 Image File jpc_dec.c jpc_streamlist_remove denial of service (Issue 381)
CVE-2024-3979 | COVESA vsomeip up to 3.4.10 race condition
CVE-2024-3654 | Teimas Global Teixo 1.42.42-stable URL seconds cross site scripting
VDB-261594 | CrushFTP up to 10.7.1/11.0 VFS information disclosure
CVE-2024-31745 | Libdwarf 0.9.1 /libdwarf/dwarf_alloc.c dw_empty_errlist_item use after free
CVE-2024-3645 | Essential Addons for Elementor Pro Plugin up to 5.8.11 on WordPress title_html_tag cross site scripting
CVE-2024-29733 | Apache Airflow up to 3.6.x FTP Provider certificate validation
CVE-2024-32683 | Wpmet Wp Ultimate Review Plugin up to 2.2.5 on WordPress authorization
CVE-2024-1065 | Arm Bifrost GPU Kernel Driver use after free
CVE-2024-0671 | ARM Midgard GPU Kernel Driver use after free
CVE-2024-29969 | Brocade SANnav up to 2.3.0 Message Authentication Code inadequate encryption
CVE-2024-29968 | Brocade SANnav up to 2.3.0 Disaster Recovery Mode information disclosure
CVE-2024-2542 | Jotform Online Forms Plugin up to 1.3.1 on WordPress Shortcode cross site scripting
CVE-2023-7067 | ShopLentor Plugin up to 2.8.1 on WordPress woolentor_template_store improper authorization
CVE-2024-3312 | Easy Custom Auto Excerpt Plugin up to 2.4.12 on WordPress information disclosure
CVE-2024-29217 | Apache Answer up to 1.2.x Personal Website cross site scripting
CVE-2024-29204 | Ivanti Avalanche up to 6.4.2 WLAvalancheService heap-based overflow
CVE-2024-2761 | Genesis Blocks Plugin up to 3.1.2 on WordPress cross site scripting
CVE-2024-29967 | Brocade SANnav 2.3.0 Docker default permission
CVE-2024-30938 | SEMCMS 4.8 SEMCMS_User.php ID sql injection
CVE-2024-27984 | Ivanti Avalanche up to 6.4.2 Web denial of service
CVE-2024-29959 | Brocade SANnav up to 2.3.0 Standby Node Support Save log file
CVE-2024-27978 | Ivanti Avalanche up to 6.4.2 WLAvalancheService null pointer dereference
CVE-2024-27976 | Ivanti Avalanche up to 6.4.2 Web path traversal
CVE-2024-27975 | Ivanti Avalanche up to 6.4.2 WLAvalancheService use after free
CVE-2024-25000 | Ivanti Avalanche up to 6.4.2 Web path traversal
CVE-2024-24999 | Ivanti Avlanche up to 6.4.2 Web path traversal
CVE-2024-24998 | Ivanti Avalanche up to 6.4.2 Web path traversal
CVE-2024-24997 | Ivanti Avalanche up to 6.4.2 Web path traversal
CVE-2024-24996 | Ivanti Avalanche up to 6.4.2 WLInfoRailService heap-based overflow
CVE-2024-24995 | Ivanti Avalanche up to 6.4.2 Web race condition
CVE-2024-24994 | Ivanti Avalanche up to 6.4.2 Web path traversal
CVE-2024-24993 | Ivanti Avalanche up to 6.4.2 Web race condition
CVE-2024-24992 | Ivanti Avalanche up to 6.4.2 Web path traversal
CVE-2024-24991 | Ivanti Avalanche up to 6.4.2 WLAvalancheService null pointer dereference
CVE-2024-23535 | Ivanti Avalanche up to 6.4.2 Web path traversal
CVE-2024-23534 | Ivanti Avalanche up to 6.4.2 Web unrestricted upload
CVE-2024-22061 | Ivanti Avalanche up to 6.4.2 WLInfoRailService heap-based overflow
CVE-2024-31750 | F-logic DataCube3 1.0 req_id sql injection
CVE-2024-29965 | Brocade SANnav up to 2.3.0 SSH sensitive information
CVE-2024-29962 | Brocade SANnav up to 2.3.0 default permission
CVE-2024-32473 | Moby 26.0.0/26.0.1 IPv6 exposure of resource (GHSA-x84c-p2g9-rqv9)
CVE-2024-29964 | Brocade SANnav up to 2.3.0 Docker Daemon information disclosure
CVE-2024-29958 | Brocade SANnav up to 2.3.0a/2.3.0 Console log file
CVE-2024-29957 | Brocade SANnav up to 2.3.0 Disaster Recovery Mode log file
CVE-2024-27977 | Ivanti Avalanche up to 6.4.2 path traversal
CVE-2024-29966 | Brocade SANnav up to 2.3.0 hard-coded credentials
CVE-2024-23533 | Ivanti Avalanche up to 6.4.2 WLAvalancheService out-of-bounds
CVE-2024-23531 | Ivanti Avalanche up to 6.4.2 WLInfoRailService denial of service
CVE-2024-23530 | Ivanti Avalanche up to 6.4.2 WLAvalancheService out-of-bounds
CVE-2024-29960 | Brocade SANnav up to 2.3.0 OVA Image hard-coded credentials
CVE-2024-29961 | Brocade SANnav up to 2.3.0 Service information disclosure
CVE-2024-23529 | Ivanti Avalanche up to 6.4.2 WLAvalancheService out-of-bounds
CVE-2024-23528 | Ivanti Avalanche up to 6.4.2 WLAvalancheService out-of-bounds
CVE-2024-23526 | Ivanti Avalanche up to 6.4.2 WLAvalancheService out-of-bounds
CVE-2024-29963 | Brocade SANnav up to 2.3.0 TLS Connection hard-coded key
CVE-2024-23532 | Ivanti Avalanche up to 6.4.2 WLAvalancheService out-of-bounds
CVE-2024-30107 | HCL Connections 7.0/8.0 information disclosure (KB0112489)
CVE-2024-32477 | denoland Deno up to 1.42.1 libc::tcflush race condition (GHSA-95cj-3hr2-7j5j)
CVE-2024-32474 | Sentry prior 24.4.1 log file
CVE-2024-24910 | Check Point ZoneAlarm Extreme Security NextGen on Windows permission assignment
CVE-2024-32462 | Flatpak argument injection (GHSA-phv6-cpc2-2fgj)
CVE-2024-20380 | Cisco ClamAV 1.3 HTML Parser undefined behavior for input to api
CVE-2024-23557 | HCL Connections 7.0/8.0 information disclosure (KB0112488)
CVE-2024-29987 | Microsoft Edge prior 124.0.2478.51 information disclosure
CVE-2024-29986 | Microsoft Edge prior 124.0.2478.51 on Android unknown vulnerability
CVE-2024-1480 | Unitronics Vision 530 storing passwords in a recoverable format (icsa-24-109-01)
CVE-2024-3818 | Essential Blocks Plugin up to 4.5.9 on WordPress Social Icons Block cross site scripting
CVE-2024-32332 | Totolink N300RT 2.1.8-B20201030.1539 Wireless Page cross site scripting
![securit.ie Logo by clatrickparke[@]gmail.com](/static/slandail-logo.png){kind=logo}
Slándáil Research: Feeds