CVEs from 2024
Total
6,632
critical
critical 166
high
high 1,073
medium
medium 2,066
low
low 49
% Critical
2.5%
% with KEV
2.5%
% with exploit
3.4%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- propertyhive 5
- glibc 5
- element_pack 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-21749 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Atakan Au 1 click disable all.This issue affects 1 click disable all: from n/a through 1.0.1. | |||
| CVE-2024-24702 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Matt Martz & Andy Stratton Page Restrict.This issue affects Page Restrict: from n/a through 2.5.5. | |||
| CVE-2024-24868 | high | 8.8 | 8.8 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smartypants SP Project & Document Manager.This issue affects SP Project & Document Manager: from … | |||
| CVE-2024-25909 | high | 8.8 | 8.8 | 2y ago | Unrestricted Upload of File with Dangerous Type vulnerability in JoomUnited WP Media folder.This issue affects WP Media folder: from n/a through 5.7.2. | |||
| CVE-2024-25915 | high | 8.8 | 8.8 | 2y ago | Server-Side Request Forgery (SSRF) vulnerability in Raaj Trambadia Pexels: Free Stock Photos.This issue affects Pexels: Free Stock Photos: from n/a through 1.2.2. | |||
| CVE-2024-24802 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in John Tendik JTRT Responsive Tables.This issue affects JTRT Responsive Tables: from n/a through 4.1.9. | |||
| CVE-2024-24798 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in SoniNow Team Debug.This issue affects Debug: from n/a through 1.10. | |||
| CVE-2024-25904 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in David Stockl TinyMCE and TinyMCE Advanced Professsional Formats and Styles.This issue affects TinyMCE and TinyMCE Advanced Professsional Formats and… | |||
| CVE-2024-24876 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Janis Elsts Admin Menu Editor.This issue affects Admin Menu Editor: from n/a through 1.12. | |||
| CVE-2024-24872 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Themify Themify Builder.This issue affects Themify Builder: from n/a through 7.0.5. | |||
| CVE-2024-24849 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Mark Stockton Quicksand Post Filter jQuery Plugin.This issue affects Quicksand Post Filter jQuery Plugin: from n/a through 3.1.1. | |||
| CVE-2024-24843 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in PowerPack Addons for Elementor PowerPack Pro for Elementor.This issue affects PowerPack Pro for Elementor: from n/a before 2.10.8. | |||
| CVE-2024-25914 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Photoboxone SMTP Mail.This issue affects SMTP Mail: from n/a through 1.3.20. | |||
| CVE-2024-24935 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in WpSimpleTools Basic Log Viewer.This issue affects Basic Log Viewer: from n/a through 1.0.4. | |||
| CVE-2024-24929 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Ryan Duff, Peter Westwood WP Contact Form.This issue affects WP Contact Form: from n/a through 1.6. | |||
| CVE-2024-24887 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Contest Gallery Photos and Files Contest Gallery – Contact Form, Upload Form, Social Share and Voting Plugin for WordPress.This issue affects Photos… | |||
| CVE-2024-24884 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in ARI Soft Contact Form 7 Connector.This issue affects Contact Form 7 Connector: from n/a through 1.2.2. | |||
| CVE-2024-24875 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Yannick Lefebvre Link Library.This issue affects Link Library: from n/a through 7.5.13. | |||
| CVE-2024-24926 | high | 8.8 | 8.8 | 2y ago | Deserialization of Untrusted Data vulnerability in UnitedThemes Brooklyn | Creative Multi-Purpose Responsive WordPress Theme.This issue affects Brooklyn | Creative Multi-Purpose Responsive WordPress … | |||
| CVE-2024-24796 | high | 8.8 | 8.8 | 2y ago | Deserialization of Untrusted Data vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin.This issue affects Event Manager and Tickets… | |||
| CVE-2024-22140 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Profile Builder Pro.This issue affects Profile Builder Pro: from n/a through 3.10.0. | |||
| CVE-2024-22136 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in DroitThemes Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder.This issue affects Droit Elementor Addons – Widgets, B… | |||
| CVE-2024-22304 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Borbis Media FreshMail For WordPress.This issue affects FreshMail For WordPress: from n/a through 2.3.2. | |||
| CVE-2024-22291 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Marco Milesi Browser Theme Color.This issue affects Browser Theme Color: from n/a through 1.3. | |||
| CVE-2024-22285 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Elise Bosse Frontpage Manager.This issue affects Frontpage Manager: from n/a through 1.3. | |||
| CVE-2024-22143 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in WP Spell Check.This issue affects WP Spell Check: from n/a through 9.17. | |||
| CVE-2024-22290 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in AboZain,O7abeeb,UnitOne Custom Dashboard Widgets allows Cross-Site Scripting (XSS).This issue affects Custom Dashboard Widgets: from n/a through 1.3… | |||
| CVE-2024-22283 | high | 8.8 | 8.8 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Delhivery Delhivery Logistics Courier.This issue affects Delhivery Logistics Courier: from n/a th… | |||
| CVE-2024-3092 | high | 8.7 | 8.7 | 2y ago | An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. A payload may lead to a Stored XSS while using t… | |||
| CVE-2024-31277 | high | 8.7 | 8.7 | 2y ago | Deserialization of Untrusted Data vulnerability in PickPlugins Product Designer.This issue affects Product Designer: from n/a through 1.0.32. | |||
| CVE-2024-24842 | high | 8.7 | 8.7 | 2y ago | Deserialization of Untrusted Data vulnerability in Echo Plugins Knowledge Base for Documentation, FAQs with AI Assistance.This issue affects Knowledge Base for Documentation, FAQs with AI Assistance:… | |||
| CVE-2024-40646 | high | 8.6 | 8.6 | 3d ago | Vertex is a management tool for PT (Private Tracker) users to manage streaming and watching videos. Versions prior to commit fbde301b97986d5913fc4bc95f5445750d282e11 are vulnerable to path traversal.… | |||
| CVE-2024-13174 | high | 8.6 | 8.6 | 9mo ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in E1 Informatics Web Application allows SQL Injection. This issue affects Web Application: through… | |||
| CVE-2024-12367 | high | 8.6 | 8.6 | 9mo ago | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Vegagrup Software Vega Master allows Directory Indexing. This issue affects Vega Master: from v.1.12.35 th… | |||
| CVE-2024-9149 | high | 8.6 | 8.6 | 1y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wind Media E-Commerce Website Template allows SQL Injection. This issue affects E-Commerce Websi… | |||
| CVE-2024-21549 | high | 8.6 | 8.6 | 2y ago | Browsershot Improper Input Validation vulnerability | |||
| CVE-2024-21544 | high | 8.6 | 8.6 | 2y ago | Browsershot Local File Inclusion | |||
| CVE-2024-21542 | high | 8.6 | 8.6 | 2y ago | Versions of the package luigi before 3.6.0 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) due to improper destination file path validation in the _extract_packages_archive f… | |||
| CVE-2024-3370 | high | 8.6 | 8.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Egebilgi Software Website Template allows SQL Injection. This issue affects Website Template: be… | |||
| CVE-2024-49315 | high | 8.6 | 8.6 | 2y ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CodeFlock FREE DOWNLOAD MANAGER free-download-manager allows Path Traversal.This issue affects FREE DOW… | |||
| CVE-2024-49253 | high | 8.6 | 8.6 | 2y ago | Relative Path Traversal vulnerability in JamesPark.ninja Analyse Uploads analyse-uploads allows Relative Path Traversal.This issue affects Analyse Uploads: from n/a through <= 0.5. | |||
| CVE-2024-34378 | high | 8.6 | 8.6 | 2y ago | Missing Authorization vulnerability in LeadConnector.This issue affects LeadConnector: from n/a through 1.7. | |||
| CVE-2024-32562 | high | 8.6 | 8.6 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Stored XSS.This issue affects Z Y N I T H: from n/a through… | |||
| CVE-2024-25911 | high | 8.6 | 8.6 | 2y ago | Missing Authorization vulnerability in Skymoon Labs MoveTo.This issue affects MoveTo: from n/a through 6.2. | |||
| CVE-2024-12651 | high | 8.5 | 8.5 | 1y ago | Exposed Dangerous Method or Function vulnerability in PTT Inc. HGS Mobile App allows Manipulating User-Controlled Variables. This issue affects HGS Mobile App: before 6.5.0. | |||
| CVE-2024-49333 | high | 8.5 | 8.5 | 1y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows SQL Injection. This issue affec… | |||
| CVE-2024-49303 | high | 8.5 | 8.5 | 1y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows SQL Injection. This issue affec… | |||
| CVE-2024-49244 | high | 8.5 | 8.5 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in vrinsoft CSV Product Import Export for WooCommerce csv-wc-product-import-export.This issue affect… | |||
| CVE-2024-34412 | high | 8.5 | 8.5 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Parcel Panel ParcelPanel.This issue affects ParcelPanel: from n/a through 3.8.1. | |||
| CVE-2024-32710 | high | 8.5 | 8.5 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a through 16.26.5. | |||
| CVE-2024-32137 | high | 8.5 | 8.5 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Solwin User Activity Log Pro.This issue affects User Activity Log Pro: from n/a through 2.3.4. | |||
| CVE-2024-31355 | high | 8.5 | 8.5 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8. | |||
| CVE-2024-31370 | high | 8.5 | 8.5 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CodeIsAwesome AIKit aikit-wordpress-ai-writing-assistant-using-gpt3.This issue affects AIKit: fro… | |||
| CVE-2024-31234 | high | 8.5 | 8.5 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Sizam REHub Framework.This issue affects REHub Framework: from n/a before 19.6.2. | |||
| CVE-2024-31233 | high | 8.5 | 8.5 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Sizam Rehub.This issue affects Rehub: from n/a through 19.6.1. | |||
| CVE-2024-27191 | high | 8.5 | 8.5 | 2y ago | Improper Control of Generation of Code ('Code Injection') vulnerability in inpersttion Slivery Extender slivery-extender allows Remote Code Inclusion.This issue affects Slivery Extender: from n/a thr… | |||
| CVE-2024-30535 | high | 8.5 | 8.5 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WhiteStudio Easy Form Builder.This issue affects Easy Form Builder: from n/a through 3.7.4. | |||
| CVE-2024-30489 | high | 8.5 | 8.5 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in loopus WP Cost Estimation & Payment Forms Builder.This issue affects WP Cost Estimation & Payment… | |||
| CVE-2024-31094 | high | 8.5 | 8.5 | 2y ago | Deserialization of Untrusted Data vulnerability in Filter Custom Fields & Taxonomies Light.This issue affects Filter Custom Fields & Taxonomies Light: from n/a through 1.05. | |||
| CVE-2024-30243 | high | 8.5 | 8.5 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tomas WordPress Tooltips.This issue affects WordPress Tooltips: from n/a before 9.4.5. | |||
| CVE-2024-30242 | high | 8.5 | 8.5 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in IT Path Solutions Contact Form to Any API.This issue affects Contact Form to Any API: from n/a th… | |||
| CVE-2024-30240 | high | 8.5 | 8.5 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Typps Calendarista.This issue affects Calendarista: from n/a through 15.5.7. | |||
| CVE-2024-30239 | high | 8.5 | 8.5 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Zoho Campaigns.This issue affects Zoho Campaigns: from n/a through 2.0.6. | |||
| CVE-2024-53326 | high | 7.3 | 8.3 | 27d ago | LINQPad before 5.52.01 Pro edition is vulnerable to Unsafe Deserialization in LINQPad.AutoRefManager::PopulateFromCache(), leading to code execution. | |||
| CVE-2024-45257 | high | 7.3 | 8.3 | 27d ago | A Command Injection issue in the payload build page in BYOB (Build Your Own Botnet) 2.0 allows attackers to execute arbitrary commands on the server via a crafted build parameter. This occurs in free… | |||
| CVE-2024-30151 | high | 8.3 | 8.3 | 29d ago | HCL BigFix Service Management (SX) is affected by a Broken Access Control vulnerability leading to privilege escalation. This could allow unauthorized users to gain elevated privileges, bypassing in… | |||
| CVE-2024-12917 | high | 8.3 | 8.3 | 1y ago | Files or Directories Accessible to External Parties vulnerability in Agito Computer Health4All allows Exploiting Incorrectly Configured Access Control Security Levels, Authentication Abuse. This iss… | |||
| CVE-2024-3727 | high | 8.3 | 8.3 | 2y ago | A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, … | |||
| CVE-2024-2961 | high | 7.3 | 8.3 | 2y ago | RHSA-2024:3269: glibc security update (Important) | |||
| CVE-2024-56182 | high | 8.2 | 8.2 | 1y ago | A vulnerability has been identified in SIMATIC Field PG M5 (All versions), SIMATIC Field PG M6 (All versions < V26.01.12), SIMATIC IPC BX-21A (All versions < V31.01.07), SIMATIC IPC BX-32A (All versi… | |||
| CVE-2024-56181 | high | 8.2 | 8.2 | 1y ago | A vulnerability has been identified in SIMATIC Field PG M5 (All versions), SIMATIC IPC BX-21A (All versions < V31.01.07), SIMATIC IPC BX-32A (All versions < V29.01.07), SIMATIC IPC BX-39A (All versio… | |||
| CVE-2024-9334 | high | 8.2 | 8.2 | 1y ago | Use of Hard-coded Credentials, Storage of Sensitive Data in a Mechanism without Access Control vulnerability in E-Kent Pallium Vehicle Tracking allows Authentication Bypass. This issue affects Palli… | |||
| CVE-2024-7837 | high | 8.2 | 8.2 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Firmanet Software ERP allows SQL Injection. This issue affects ERP: through 22.11.2024. NOTE… | |||
| CVE-2024-8642 | high | 8.1 | 8.1 | 2y ago | Eclipse Dataspace Components's ConsumerPullTransferTokenValidationApiController doesn't check for token validit | |||
| CVE-2024-8163 | high | 8.1 | 8.1 | 2y ago | A vulnerability was found in Chengdu Everbrite Network Technology BeikeShop up to 1.5.5. Affected by this issue is the function destroyFiles of the file /admin/file_manager/files. The manipulation of… | |||
| CVE-2024-33599 | high | 8.1 | 8.1 | 2y ago | RHSA-2024:3344: glibc security update (Important) | |||
| CVE-2024-31240 | high | 8.1 | 8.1 | 2y ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in InfoTheme WP Poll Maker.This issue affects WP Poll Maker: from n/a through 3.1. | |||
| CVE-2024-27289 | high | 8.1 | 8.1 | 2y ago | pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder fo… | |||
| CVE-2024-22305 | high | 8.1 | 8.1 | 2y ago | Authorization Bypass Through User-Controlled Key vulnerability in ali Forms Contact Form builder with drag & drop for WordPress – Kali Forms.This issue affects Contact Form builder with drag & drop f… | |||
| CVE-2024-47191 | high | — | 8.0 | — | pam_oath.so in oath-toolkit 2.6.7 through 2.6.11 before 2.6.12 allows root privilege escalation because, in the context of PAM code running as root, it mishandles usersfile access, such as by calling… | |||
| CVE-2024-27355 | high | — | 8.0 | 27d ago | phpseclib guardrails needed on OID length | |||
| CVE-2024-43384 | high | 8.0 | 8.0 | 28d ago | A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer. | |||
| CVE-2024-27354 | high | — | 8.0 | 29d ago | phpseclib: guardrails needed on isPrime and randomPrime | |||
| CVE-2024-5642 | high | — | 8.0 | 6mo ago | CPython 3.9 and earlier doesn't disallow configuring an empty list ("[]") for SSLContext.set_npn_protocols() which is an invalid value for the underlying OpenSSL API. This results in a buffer over-re… | |||
| CVE-2024-50349 | high | — | 8.0 | 11mo ago | RHSA-2025:11534: git security update (Important) | |||
| CVE-2024-52006 | high | — | 8.0 | 11mo ago | RHSA-2025:11534: git security update (Important) | |||
| CVE-2024-58002 | high | — | 8.0 | 11mo ago | In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove dangling pointers When an async control is written, we copy a pointer to the file handle that started the… | |||
| CVE-2024-56337 | high | — | 8.0 | 11mo ago | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 throu… | |||
| CVE-2024-6174 | high | — | 8.0 | 11mo ago | RHSA-2025:11324: cloud-init security update (Important) | |||
| CVE-2024-12718 | high | — | 8.0 | 11mo ago | Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory. You are affected by this vulnerabi… | |||
| CVE-2024-58069 | high | — | 8.0 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read The nvmem interface supports variable buffer sizes, while the regma… | |||
| CVE-2024-39279 | high | — | 8.0 | 1y ago | RHEA-2025:3114: microcode_ctl bug fix and enhancement update (Important) | |||
| CVE-2024-31157 | high | — | 8.0 | 1y ago | RHEA-2025:3114: microcode_ctl bug fix and enhancement update (Important) | |||
| CVE-2024-28047 | high | — | 8.0 | 1y ago | RHEA-2025:3114: microcode_ctl bug fix and enhancement update (Important) | |||
| CVE-2024-58007 | high | — | 8.0 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: soc: qcom: socinfo: Avoid out of bounds read of serial number On MSM8916 devices, the serial number exposed in sysfs is constant … | |||
| CVE-2024-53141 | high | — | 8.0 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exis… | |||
| CVE-2024-11235 | high | — | 8.0 | 1y ago | Important: php:8.3 security update | |||
| CVE-2024-42322 | high | — | 8.0 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ipvs: properly dereference pe in ip_vs_add_service Use pe directly to resolve sparse warning: net/netfilter/ipvs/ip_vs_ctl.c:1… | |||
| CVE-2024-55549 | high | — | 8.0 | 1y ago | RHSA-2025:3615: libxslt security update (Important) | |||
| CVE-2024-54551 | high | — | 8.0 | 1y ago | The issue was addressed with improved memory handling. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing web content m… |