CVEs from 2024
Total
6,622
critical
critical 169
high
high 1,066
medium
medium 2,079
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- propertyhive 5
- glibc 5
- element_pack 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-32831 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lorna Timbah (webgrrrl) Accessibility Widget allows Stored XSS.This issue affects Accessibility W… | |||
| CVE-2024-33943 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HappyKite Ultimate Under Construction allows Stored XSS.This issue affects Ultimate Under Constru… | |||
| CVE-2024-33940 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashan Jay EventON allows Stored XSS.This issue affects EventON: from n/a through 2.2.14. | |||
| CVE-2024-4433 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mr Digital Simple Image Popup allows Stored XSS.This issue affects Simple Image Popup: from n/a t… | |||
| CVE-2024-33643 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kailey Lampert Advanced Most Recent Posts Mod allows Stored XSS.This issue affects Advanced Most … | |||
| CVE-2024-4234 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sayful Islam Filterable Portfolio allows Stored XSS.This issue affects Filterable Portfolio: from… | |||
| CVE-2024-33697 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rimes Gold CF7 File Download – File Download for CF7 allows Stored XSS.This issue affects CF7 Fil… | |||
| CVE-2024-33696 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Broadstreet XPRESS WordPress Ad Widget allows Stored XSS.This issue affects WordPress Ad Widget: … | |||
| CVE-2024-33695 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeNcode Fan Page Widget by ThemeNcode allows Stored XSS.This issue affects Fan Page Widget by … | |||
| CVE-2024-33693 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Meks Meks Smart Social Widget allows Stored XSS.This issue affects Meks Smart Social Widget: from… | |||
| CVE-2024-33692 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Satrya Smart Recent Posts Widget allows Stored XSS.This issue affects Smart Recent Posts Widget: … | |||
| CVE-2024-33642 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EkoJR Advanced Post List allows Stored XSS.This issue affects Advanced Post List: from n/a throug… | |||
| CVE-2024-33598 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Twinpictures Annual Archive allows Stored XSS.This issue affects Annual Archive: from n/a through… | |||
| CVE-2024-32707 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab Image Slider Widget allows Stored XSS.This issue affects Image Slider Widget: from n/a t… | |||
| CVE-2024-32722 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Coupon & Discount Code Reveal Button allows Stored XSS.This issue affects Coupon & Discount Code … | |||
| CVE-2024-32834 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebToffee WooCommerce Shipping Label allows Stored XSS.This issue affects WooCommerce Shipping La… | |||
| CVE-2024-32833 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nick Halsey List Custom Taxonomy Widget allows Stored XSS.This issue affects List Custom Taxonomy… | |||
| CVE-2024-32801 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ShapedPlugin Widget Post Slider allows Stored XSS.This issue affects Widget Post Slider: from n/a… | |||
| CVE-2024-32780 | medium | 5.9 | 5.9 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in E4J s.R.L. VikRentCar.This issue affects VikRentCar: from n/a through 1.3.2. | |||
| CVE-2024-32690 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood RSS Feed Widget allows Stored XSS.This issue affects RSS Feed Widget: from n/a thro… | |||
| CVE-2024-32585 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in extendWP Import Content in WordPress & WooCommerce with Excel allows Reflected XSS.This issue aff… | |||
| CVE-2024-32591 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniele De Rosa Backend Designer allows Stored XSS.This issue affects Backend Designer: from n/a … | |||
| CVE-2024-32540 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Web357 Fixed HTML Toolbar allows Stored XSS.This issue affects Fixed HTML Toolbar: from n/a throu… | |||
| CVE-2024-32548 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hideki Tanaka What's New Generator allows Stored XSS.This issue affects What's New Generator: fro… | |||
| CVE-2024-32083 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Varun Kumar Easy Logo allows Stored XSS.This issue affects Easy Logo: from n/a through 1.9.3. | |||
| CVE-2024-31937 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visitor Analytics TWIPLA (Visitor Analytics IO) allows Stored XSS.This issue affects TWIPLA (Visi… | |||
| CVE-2024-31931 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Save as Image plugin by Pdfcrowd allows Stored XSS.This issue affects Save as Image plugin by Pdf… | |||
| CVE-2024-31930 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows Stored XSS.This issue affects Save as PDF plugin b… | |||
| CVE-2024-31928 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Darko Top Bar allows Stored XSS.This issue affects Top Bar: from n/a through 3.0.5. | |||
| CVE-2024-31927 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aminur Islam WP Login and Logout Redirect allows Stored XSS.This issue affects WP Login and Logou… | |||
| CVE-2024-31926 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BracketSpace Advanced Cron Manager – debug & control allows Stored XSS.This issue affects Advance… | |||
| CVE-2024-31925 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FAKTOR VIER F4 Improvements allows Stored XSS.This issue affects F4 Improvements: from n/a throug… | |||
| CVE-2024-31387 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Popup LikeBox Team Popup Like box allows Stored XSS.This issue affects Popup Like box: from n/a t… | |||
| CVE-2024-31361 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bunny.Net allows Stored XSS.This issue affects bunny.Net: from n/a through 2.0.1. | |||
| CVE-2024-32080 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nick Pelton Search Keyword Redirect allows Stored XSS.This issue affects Search Keyword Redirect:… | |||
| CVE-2024-27966 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ExpressTech Quiz And Survey Master allows Stored XSS.This issue affects Quiz And Survey Master: f… | |||
| CVE-2024-31344 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Phpbits Creative Studio Easy Login Styler – White Label Admin Login Page for WordPress allows Sto… | |||
| CVE-2024-31102 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scimone Ignazio Prenotazioni allows Stored XSS.This issue affects Prenotazioni: from n/a through … | |||
| CVE-2024-31089 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Techblissonline.Com (Rajesh) Platinum SEO allows Stored XSS.This issue affects Platinum SEO: from… | |||
| CVE-2024-30554 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wouter Dijkstra DD Rating allows Stored XSS.This issue affects DD Rating: from n/a through 1.7.1. | |||
| CVE-2024-30553 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joby Joseph WP Twitter Mega Fan Box Widget allows Stored XSS.This issue affects WP Twitter Mega F… | |||
| CVE-2024-30548 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noah Kagan underConstruction allows Stored XSS.This issue affects underConstruction: from n/a thr… | |||
| CVE-2024-30440 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themify Themify Event Post allows Stored XSS.This issue affects Themify Event Post: from n/a thro… | |||
| CVE-2024-30434 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP-CRM System allows Stored XSS.This issue affects WP-CRM System: from n/a through 3.2.9. | |||
| CVE-2024-30452 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PluginOps Landing Page Builder allows Stored XSS.This issue affects Landing Page Builder: from n/… | |||
| CVE-2024-30448 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Supsystic Slider by Supsystic allows Stored XSS.This issue affects Slider by Supsystic: from n/a … | |||
| CVE-2024-30444 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zionbuilder.Io WordPress Page Builder – Zion Builder allows Stored XSS.This issue affects WordPre… | |||
| CVE-2024-29768 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Astra allows Stored XSS.This issue affects Astra: from n/a through 4.6.4. | |||
| CVE-2024-30181 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Plainware Locatoraid Store Locator allows Stored XSS.This issue affects Locatoraid Store Locator:… | |||
| CVE-2024-29818 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Poll Maker & Voting Plugin Team (InfoTheme) WP Poll Maker allows Stored XSS.This issue affects WP… | |||
| CVE-2024-29816 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in htdat Woo Viet allows Stored XSS.This issue affects Woo Viet: from n/a through 1.5.2. | |||
| CVE-2024-29815 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aminur Islam WP Change Email Sender allows Stored XSS.This issue affects WP Change Email Sender: … | |||
| CVE-2024-29813 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CartFlows Inc. Funnel Builder by CartFlows allows Stored XSS.This issue affects Funnel Builder by… | |||
| CVE-2024-29819 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syam Mohan WPFront Notification Bar allows Stored XSS.This issue affects WPFront Notification Bar… | |||
| CVE-2024-29929 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WC Lovers WCFM – Frontend Manager for WooCommerce allows Stored XSS.This issue affects WCFM – Fro… | |||
| CVE-2024-29922 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Quantum Cloud Slider Hero allows Stored XSS.This issue affects Slider Hero: from n/a through 8.6.… | |||
| CVE-2024-2579 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Data443 Tracking Code Manager.This issue affects Tracking Code Manager: from n/a through 2.0.16. | |||
| CVE-2024-29105 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Timersys WP Popups allows Stored XSS.This issue affects WP Popups: from n/a through 2.1.5.5. | |||
| CVE-2024-29124 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AAM Advanced Access Manager allows Stored XSS.This issue affects Advanced Access Manager: from n/… | |||
| CVE-2024-29140 | medium | 5.9 | 5.9 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt Manning MJM Clinic allows Stored XSS.This issue affects MJM Clinic: from n/a through 1.1.22. | |||
| CVE-2024-35910 | medium | 5.8 | 5.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding n… | |||
| CVE-2024-32587 | medium | 5.8 | 5.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnvialoSimple EnvíaloSimple allows Reflected XSS.This issue affects EnvíaloSimple: from n/a throu… | |||
| CVE-2024-32547 | medium | 5.8 | 5.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Max Bond Code Insert Manager (Q2W3 Inc Manager) allows Reflected XSS.This issue affects Code Inse… | |||
| CVE-2024-31122 | medium | 5.8 | 5.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Prism IT Systems User Rights Access Manager allows Reflected XSS.This issue affects User Rights A… | |||
| CVE-2024-36894 | medium | 5.6 | 5.6 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete FFS based applications can utilize the aio_cancel() cal… | |||
| CVE-2024-33655 | medium | — | 5.5 | 18d ago | Moderate: unbound security update | |||
| CVE-2024-51394 | medium | 5.5 | 5.5 | 23d ago | Buffer Overflow vulnerability in Ardupiot Copter Latest commit 92693e023793133e49a035daf37c14433e484778 allows a local attacker to cause a denial of service via the AP_MSP::loop, AP_MSP, AP_MSP.cpp c… | |||
| CVE-2024-26766 | medium | — | 5.5 | 4mo ago | In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix sdma.h tx->num_descs off-by-one error Unfortunately the commit `fd8958efe877` introduced another error causing the `… | |||
| CVE-2024-50195 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57990 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57989 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-56786 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58012 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57981 | medium | 5.5 | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57988 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57998 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57995 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57986 | medium | 5.5 | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57987 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-57993 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-50294 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-49864 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53119 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-47727 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58077 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58083 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58062 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58088 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58075 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-50060 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58057 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-58015 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53229 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53216 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53135 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53170 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53090 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-53052 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-47679 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update | |||
| CVE-2024-46689 | medium | — | 5.5 | 7mo ago | Moderate: kernel security update |