CVEs from 2024
Total
6,613
critical
critical 169
high
high 1,066
medium
medium 2,079
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- propertyhive 5
- glibc 5
- element_pack 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-46853 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: spi: nxp-fspi: fix the KASAN report out-of-bounds bug Change the memcpy length to fix the out-of-bounds issue when writing the da… | |||
| CVE-2024-50151 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOBs when building SMB2_IOCTL request When using encryption, either enforced by the server or when using 'seal' … | |||
| CVE-2024-46871 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX [Why & How] It actually exposes '6' types in enum dmu… | |||
| CVE-2024-42302 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal Keith reports a use-after-free when a DPC event occurs concurrently… | |||
| CVE-2024-53059 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() 1. The size of the response packet is not validated. 2. … | |||
| CVE-2024-53166 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix bfqq uaf in bfq_limit_depth() Set new allocated bfqq to bic or remove freed bfqq from bic are both protected by b… | |||
| CVE-2024-53213 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation In lan78xx_probe(), the buffer `buf` was being freed tw… | |||
| CVE-2024-53057 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT In qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed t… | |||
| CVE-2024-57979 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: pps: Fix a use-after-free On a board running ntpd and gpsd, I'm seeing a consistent use-after-free in sys_exit() from gpsd when r… | |||
| CVE-2024-57258 | high | 7.8 | 7.8 | 1y ago | Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted squashfs filesystem via sbrk, via request2size, or because ptrdiff_t is mishandled on x86_64. | |||
| CVE-2024-12251 | high | 7.8 | 7.8 | 1y ago | In Progress Telerik UI for WinUI versions prior to 2025 Q1 (3.0.0), a command injection attack is possible through improper neutralization of hyperlink elements. | |||
| CVE-2024-57951 | high | 7.8 | 7.8 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: hrtimers: Handle CPU state correctly on hotplug Consider a scenario where a CPU transitions from CPUHP_ONLINE to halfway through … | |||
| CVE-2024-50262 | high | 7.8 | 7.8 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-26951 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: check for dangling peer via is_dead instead of empty list If all peers are removed via wg_peer_remove_all(), … | |||
| CVE-2024-26958 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the following warning consistently ------------[ cut here ]----… | |||
| CVE-2024-26882 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() Apply the same fix than ones found in : 8d975c15c0cd ("ip6_tun… | |||
| CVE-2024-27395 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix Use-After-Free in ovs_ct_exit Since kfree_rcu, which is called in the hlist_for_each_entry_rcu traversal of… | |||
| CVE-2024-26934 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in usb_deauthorize_interface() Among the attribute file callback routines in drivers/usb/core/sysfs.c, th… | |||
| CVE-2024-36974 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP If one TCA_TAPRIO_ATTR_PRIOMAP attribute has been provided, taprio_par… | |||
| CVE-2024-35886 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix infinite recursion in fib6_dump_done(). syzkaller reported infinite recursive calls of fib6_dump_done() during netlink … | |||
| CVE-2024-35905 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack m… | |||
| CVE-2024-36940 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable() The "pctldev" struct is allocated in devm_pinctrl_register_and_init(). I… | |||
| CVE-2024-26988 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: init/main.c: Fix potential static_command_line memory overflow We allocate memory of size 'xlen + strlen(boot_command_line) + 1' … | |||
| CVE-2024-26907 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix fortify source warning while accessing Eth segment ------------[ cut here ]------------ memcpy: detected field-s… | |||
| CVE-2024-43830 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: leds: trigger: Unregister sysfs attributes before calling deactivate() Triggers which have trigger specific sysfs attributes typi… | |||
| CVE-2024-23307 | high | 7.8 | 7.8 | 2y ago | Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow. | |||
| CVE-2024-50246 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add rough attr alloc_size check | |||
| CVE-2024-50131 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tracing: Consider the NULL character when validating the event length strlen() returns a string length excluding the null byte. I… | |||
| CVE-2024-26961 | high | 7.8 | 7.8 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-49924 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: fbdev: pxafb: Fix possible use after free in pxafb_task() In the pxafb_probe function, it calls the pxafb_init_fbinfo function, a… | |||
| CVE-2024-49894 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out of bounds in degamma hardware format translation Fixes index out of bounds issue in `cm_helper_tra… | |||
| CVE-2024-47742 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Block path traversal Most firmware names are hardcoded strings, or are constructed from fairly constrained forma… | |||
| CVE-2024-47730 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - inject error before stopping queue The master ooo cannot be completely closed when the accelerator core re… | |||
| CVE-2024-47701 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: avoid OOB when system.data xattr changes underneath the filesystem When looking up for an entry in an inlined directory, if… | |||
| CVE-2024-47698 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error Ensure index in rtl2832_pid_filter does not exceed 31 to … | |||
| CVE-2024-47697 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error Ensure index in rtl2830_pid_filter does not exceed 31 to … | |||
| CVE-2024-47696 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency In the commit aee2424246f9 ("RDMA/iwcm: Fix a use-after-free… | |||
| CVE-2024-36978 | high | 7.8 | 7.8 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-39502 | high | 7.8 | 7.8 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-46859 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses The panasonic laptop code in various places uses the SINF a… | |||
| CVE-2024-46852 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by-one in CMA heap fault handler Until VM_DONTEXPAND was added in commit 1c1914d6e8c6 ("dma-buf: heaps: D… | |||
| CVE-2024-46849 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after-free' Buffer 'card->dai_link' is reallocated in 'meson_card_reallocate_links()', so move 'p… | |||
| CVE-2024-46830 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS Grab kvm->srcu when processing KVM_SET_VCPU_EVENTS, as KVM will for… | |||
| CVE-2024-46821 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix negative array index read Avoid using the negative values for clk_idex as an index into an array pptable->DpmDesc… | |||
| CVE-2024-46813 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check link_index before accessing dc->links[] [WHY & HOW] dc->links[] has max size of MAX_LINKS and NULL is retu… | |||
| CVE-2024-46812 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration [Why] Coverity reports Memory - illegal accesses. … | |||
| CVE-2024-38250 | high | 7.8 | 7.8 | 2y ago | Windows Graphics Component Elevation of Privilege Vulnerability | |||
| CVE-2024-43858 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: jfs: Fix array-index-out-of-bounds in diFree | |||
| CVE-2024-35789 | high | 7.8 | 7.8 | 2y ago | Important: kernel security update | |||
| CVE-2024-40958 | high | 7.8 | 7.8 | 2y ago | Important: kernel security update | |||
| CVE-2024-27065 | high | 7.8 | 7.8 | 2y ago | Important: kernel security update | |||
| CVE-2024-26852 | high | 7.8 | 7.8 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-36904 | high | 7.8 | 7.8 | 2y ago | Important: kernel security update | |||
| CVE-2024-41000 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: block/ioctl: prefer different overflow check Running syzkaller with the newly reintroduced signed integer overflow sanitizer show… | |||
| CVE-2024-38578 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields… | |||
| CVE-2024-38552 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential index out of bounds in color transformation function Fixes index out of bounds issue in the color … | |||
| CVE-2024-30104 | high | 7.8 | 7.8 | 2y ago | Microsoft Office Remote Code Execution Vulnerability | |||
| CVE-2024-27396 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: gtp: Fix Use-After-Free in gtp_dellink Since call_rcu, which is called in the hlist_for_each_entry_rcu traversal of gtp_dell… | |||
| CVE-2024-27024 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/rds: fix WARNING in rds_conn_connect_if_down If connection isn't established yet, get_mr() will fail, trigger connection afte… | |||
| CVE-2024-26898 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts This patch is against CVE-2023-6270. The description of cve is: … | |||
| CVE-2024-26895 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces wilc_netdev_cleanup currently triggers a KASAN warn… | |||
| CVE-2024-26885 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix DEVMAP_HASH overflow check on 32-bit arches The devmap code allocates a number hash buckets equal to the next power of t… | |||
| CVE-2024-26884 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix hashtab overflow check on 32-bit arches The hashtab code relies on roundup_pow_of_two() to compute the number of hash bu… | |||
| CVE-2024-26883 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stackmap overflow check on 32-bit arches The stackmap code relies on roundup_pow_of_two() to compute the number of hash … | |||
| CVE-2024-26257 | high | 7.8 | 7.8 | 2y ago | Microsoft Excel Remote Code Execution Vulnerability | |||
| CVE-2024-20673 | high | 7.8 | 7.8 | 2y ago | Microsoft Office Remote Code Execution Vulnerability | |||
| CVE-2024-1438 | high | 7.7 | 7.7 | 2y ago | Missing Authorization vulnerability in PressFore Rolo Slider.This issue affects Rolo Slider: from n/a through 1.0.9. | |||
| CVE-2024-12137 | high | 7.6 | 7.6 | 1y ago | Authentication Bypass by Capture-replay vulnerability in Elfatek Elektronics ANKA JPD-00028 allows Session Hijacking. This issue affects ANKA JPD-00028: before V.01.01. | |||
| CVE-2024-7872 | high | 7.6 | 7.6 | 1y ago | Insertion of Sensitive Information Into Sent Data vulnerability in ExtremePACS Extreme XDS allows Retrieve Embedded Sensitive Data. This issue affects Extreme XDS: before 3933. | |||
| CVE-2024-11216 | high | 7.6 | 7.6 | 1y ago | Authorization Bypass Through User-Controlled Key, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in PozitifIK Pik Online allows Account Footprinting, Session Hijackin… | |||
| CVE-2024-54284 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SeedProd LLC SeedProd Pro allows SQL Injection.This issue affects SeedProd Pro: from n/a through … | |||
| CVE-2024-54283 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SeedProd LLC SeedProd Pro allows SQL Injection.This issue affects SeedProd Pro: from n/a through … | |||
| CVE-2024-34386 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Lucian Apostol Auto Affiliate Links.This issue affects Auto Affiliate Links: from n/a through 6.4… | |||
| CVE-2024-32810 | high | 7.6 | 7.6 | 2y ago | Missing Authorization vulnerability in ShortPixel ShortPixel Critical CSS.This issue affects ShortPixel Critical CSS: from n/a through 1.0.2. | |||
| CVE-2024-32693 | high | 7.6 | 7.6 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in ValvePress Automatic.This issue affects Automatic: from n/a before 3.93.0. | |||
| CVE-2024-32551 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smartypants SP Project & Document Manager.This issue affects SP Project & Document Manager : from… | |||
| CVE-2024-32136 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xenioushk BWL Advanced FAQ Manager.This issue affects BWL Advanced FAQ Manager: from n/a through … | |||
| CVE-2024-32135 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPZest Disable Comments | WPZest.This issue affects Disable Comments | WPZest: from n/a through 1… | |||
| CVE-2024-32134 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nasirahmed Forms to Zapier, Integromat, IFTTT, Workato, Automate.Io, elastic.Io, Built.Io, APIANT… | |||
| CVE-2024-32132 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Codeboxr Team CBX Bookmark & Favorite.This issue affects CBX Bookmark & Favorite: from n/a throug… | |||
| CVE-2024-32098 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter.This issue affects Advanced Page Visit Counter: fr… | |||
| CVE-2024-31356 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Solwin Infotech User Activity Log.This issue affects User Activity Log: from n/a through 1.8. | |||
| CVE-2024-31241 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThimPress LearnPress Export Import.This issue affects LearnPress Export Import: from n/a through … | |||
| CVE-2024-30494 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 沈唁 OSS Aliyun.This issue affects OSS Aliyun: from n/a through 1.4.10. | |||
| CVE-2024-30487 | high | 7.6 | 7.6 | 2y ago | Missing Authorization vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through 5.… | |||
| CVE-2024-25924 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Trustindex.Io WP Testimonials.This issue affects WP Testimonials: from n/a through 1.4.3. | |||
| CVE-2024-30237 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Supsystic Slider by Supsystic.This issue affects Slider by Supsystic: from n/a through 1.8.10. | |||
| CVE-2024-14036 | high | 7.5 | 7.5 | 3d ago | Dräger Core 1.0.5 and Dräger M540 Converter Service 1.0.9 contain a denial of service vulnerability that allows network-adjacent attackers to trigger high CPU load by sending specially crafted, unenc… | |||
| CVE-2024-46508 | high | 7.5 | 7.5 | 29d ago | yeti-platform yeti before 2.1.12 allows attackers to generate valid JWT tokens is the secret is not changed (by setting YETI_AUTH_SECRET_KEY to a value other than SECRET). | |||
| CVE-2024-27686 | high | 7.5 | 7.5 | 29d ago | Mikrotik RouterOS (x86) 6.40.5 through 6.49.10 (fixed in 7) allows a remote attacker to cause a denial of service (device crash) via crafted packet data to the SMB service on TCP port 445. | |||
| CVE-2024-52911 | high | 7.5 | 7.5 | 1mo ago | Bitcoin Core through 28.x has a security issue, the details of which are not disclosed. The earliest affected version is 0.14. | |||
| CVE-2024-13971 | high | 7.5 | 7.5 | 1mo ago | Unauthenticated attackers can exploit a weakness in the XML parser functionality of Lobster_pro prior to version 4.12.6-GA. This allows them to obtain read access to files on the application server a… | |||
| CVE-2024-39847 | high | 7.5 | 7.5 | 1mo ago | Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain read access to files on the application server and adja… | |||
| CVE-2024-14033 | high | 7.5 | 7.5 | 2mo ago | Hirschmann EagleSDV firmware prior to 05.4.02 contains a denial-of-service vulnerability in TLS session establishment. Attackers can crash the device during TLS handshake by exploiting protocol downg… | |||
| CVE-2024-12146 | high | 7.5 | 7.5 | 1y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Finder Fire Safety Finder ERP/CRM (New System) allows SQL Injection. This issue affects Finder E… | |||
| CVE-2024-8261 | high | 7.5 | 7.5 | 1y ago | Authorization Bypass Through User-Controlled Key vulnerability in Proliz Software OBS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects OBS: before 24.0927. | |||
| CVE-2024-43333 | high | 7.5 | 7.5 | 1y ago | Incorrect Privilege Assignment vulnerability in NotFound Admin and Site Enhancements (ASE) Pro allows Privilege Escalation. This issue affects Admin and Site Enhancements (ASE) Pro: from n/a through … | |||
| CVE-2024-54508 | high | 7.5 | 7.5 | 1y ago | The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processi… | |||
| CVE-2024-56067 | high | 7.5 | 7.5 | 1y ago | Missing Authorization vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SuperBackup: from n/… | |||
| CVE-2024-21548 | high | 7.5 | 7.5 | 2y ago | Bun has an Application-level Prototype Pollution vulnerability in the runtime native API for Glo |