CVEs from 2024
Total
6,627
critical
critical 166
high
high 1,065
medium
medium 2,077
low
low 49
% Critical
2.5%
% with KEV
2.5%
% with exploit
3.4%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- propertyhive 5
- glibc 5
- element_pack 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-47698 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error Ensure index in rtl2832_pid_filter does not exceed 31 to … | |||
| CVE-2024-47697 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error Ensure index in rtl2830_pid_filter does not exceed 31 to … | |||
| CVE-2024-47696 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency In the commit aee2424246f9 ("RDMA/iwcm: Fix a use-after-free… | |||
| CVE-2024-36978 | high | 7.8 | 7.8 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-39502 | high | 7.8 | 7.8 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-46859 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses The panasonic laptop code in various places uses the SINF a… | |||
| CVE-2024-46852 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by-one in CMA heap fault handler Until VM_DONTEXPAND was added in commit 1c1914d6e8c6 ("dma-buf: heaps: D… | |||
| CVE-2024-46849 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after-free' Buffer 'card->dai_link' is reallocated in 'meson_card_reallocate_links()', so move 'p… | |||
| CVE-2024-46830 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS Grab kvm->srcu when processing KVM_SET_VCPU_EVENTS, as KVM will for… | |||
| CVE-2024-46821 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix negative array index read Avoid using the negative values for clk_idex as an index into an array pptable->DpmDesc… | |||
| CVE-2024-46813 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check link_index before accessing dc->links[] [WHY & HOW] dc->links[] has max size of MAX_LINKS and NULL is retu… | |||
| CVE-2024-46812 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration [Why] Coverity reports Memory - illegal accesses. … | |||
| CVE-2024-38250 | high | 7.8 | 7.8 | 2y ago | Windows Graphics Component Elevation of Privilege Vulnerability | |||
| CVE-2024-43858 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: jfs: Fix array-index-out-of-bounds in diFree | |||
| CVE-2024-27065 | high | 7.8 | 7.8 | 2y ago | Important: kernel security update | |||
| CVE-2024-35789 | high | 7.8 | 7.8 | 2y ago | Important: kernel security update | |||
| CVE-2024-40958 | high | 7.8 | 7.8 | 2y ago | Important: kernel security update | |||
| CVE-2024-26852 | high | 7.8 | 7.8 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-36904 | high | 7.8 | 7.8 | 2y ago | Important: kernel security update | |||
| CVE-2024-41000 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: block/ioctl: prefer different overflow check Running syzkaller with the newly reintroduced signed integer overflow sanitizer show… | |||
| CVE-2024-38578 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields… | |||
| CVE-2024-38552 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential index out of bounds in color transformation function Fixes index out of bounds issue in the color … | |||
| CVE-2024-30104 | high | 7.8 | 7.8 | 2y ago | Microsoft Office Remote Code Execution Vulnerability | |||
| CVE-2024-27396 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: gtp: Fix Use-After-Free in gtp_dellink Since call_rcu, which is called in the hlist_for_each_entry_rcu traversal of gtp_dell… | |||
| CVE-2024-27024 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/rds: fix WARNING in rds_conn_connect_if_down If connection isn't established yet, get_mr() will fail, trigger connection afte… | |||
| CVE-2024-26898 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts This patch is against CVE-2023-6270. The description of cve is: … | |||
| CVE-2024-26895 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces wilc_netdev_cleanup currently triggers a KASAN warn… | |||
| CVE-2024-26885 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix DEVMAP_HASH overflow check on 32-bit arches The devmap code allocates a number hash buckets equal to the next power of t… | |||
| CVE-2024-26884 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix hashtab overflow check on 32-bit arches The hashtab code relies on roundup_pow_of_two() to compute the number of hash bu… | |||
| CVE-2024-26883 | high | 7.8 | 7.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stackmap overflow check on 32-bit arches The stackmap code relies on roundup_pow_of_two() to compute the number of hash … | |||
| CVE-2024-26257 | high | 7.8 | 7.8 | 2y ago | Microsoft Excel Remote Code Execution Vulnerability | |||
| CVE-2024-20673 | high | 7.8 | 7.8 | 2y ago | Microsoft Office Remote Code Execution Vulnerability | |||
| CVE-2024-1438 | high | 7.7 | 7.7 | 2y ago | Missing Authorization vulnerability in PressFore Rolo Slider.This issue affects Rolo Slider: from n/a through 1.0.9. | |||
| CVE-2024-12137 | high | 7.6 | 7.6 | 1y ago | Authentication Bypass by Capture-replay vulnerability in Elfatek Elektronics ANKA JPD-00028 allows Session Hijacking. This issue affects ANKA JPD-00028: before V.01.01. | |||
| CVE-2024-7872 | high | 7.6 | 7.6 | 1y ago | Insertion of Sensitive Information Into Sent Data vulnerability in ExtremePACS Extreme XDS allows Retrieve Embedded Sensitive Data. This issue affects Extreme XDS: before 3933. | |||
| CVE-2024-11216 | high | 7.6 | 7.6 | 1y ago | Authorization Bypass Through User-Controlled Key, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in PozitifIK Pik Online allows Account Footprinting, Session Hijackin… | |||
| CVE-2024-54284 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SeedProd LLC SeedProd Pro allows SQL Injection.This issue affects SeedProd Pro: from n/a through … | |||
| CVE-2024-54283 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SeedProd LLC SeedProd Pro allows SQL Injection.This issue affects SeedProd Pro: from n/a through … | |||
| CVE-2024-34386 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Lucian Apostol Auto Affiliate Links.This issue affects Auto Affiliate Links: from n/a through 6.4… | |||
| CVE-2024-32810 | high | 7.6 | 7.6 | 2y ago | Missing Authorization vulnerability in ShortPixel ShortPixel Critical CSS.This issue affects ShortPixel Critical CSS: from n/a through 1.0.2. | |||
| CVE-2024-32693 | high | 7.6 | 7.6 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in ValvePress Automatic.This issue affects Automatic: from n/a before 3.93.0. | |||
| CVE-2024-32551 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smartypants SP Project & Document Manager.This issue affects SP Project & Document Manager : from… | |||
| CVE-2024-32136 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xenioushk BWL Advanced FAQ Manager.This issue affects BWL Advanced FAQ Manager: from n/a through … | |||
| CVE-2024-32135 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPZest Disable Comments | WPZest.This issue affects Disable Comments | WPZest: from n/a through 1… | |||
| CVE-2024-32134 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nasirahmed Forms to Zapier, Integromat, IFTTT, Workato, Automate.Io, elastic.Io, Built.Io, APIANT… | |||
| CVE-2024-32132 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Codeboxr Team CBX Bookmark & Favorite.This issue affects CBX Bookmark & Favorite: from n/a throug… | |||
| CVE-2024-32098 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter.This issue affects Advanced Page Visit Counter: fr… | |||
| CVE-2024-31356 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Solwin Infotech User Activity Log.This issue affects User Activity Log: from n/a through 1.8. | |||
| CVE-2024-31241 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThimPress LearnPress Export Import.This issue affects LearnPress Export Import: from n/a through … | |||
| CVE-2024-30494 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 沈唁 OSS Aliyun.This issue affects OSS Aliyun: from n/a through 1.4.10. | |||
| CVE-2024-30487 | high | 7.6 | 7.6 | 2y ago | Missing Authorization vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through 5.… | |||
| CVE-2024-25924 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Trustindex.Io WP Testimonials.This issue affects WP Testimonials: from n/a through 1.4.3. | |||
| CVE-2024-30237 | high | 7.6 | 7.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Supsystic Slider by Supsystic.This issue affects Slider by Supsystic: from n/a through 1.8.10. | |||
| CVE-2024-14036 | high | 7.5 | 7.5 | 2d ago | Dräger Core 1.0.5 and Dräger M540 Converter Service 1.0.9 contain a denial of service vulnerability that allows network-adjacent attackers to trigger high CPU load by sending specially crafted, unenc… | |||
| CVE-2024-46508 | high | 7.5 | 7.5 | 28d ago | yeti-platform yeti before 2.1.12 allows attackers to generate valid JWT tokens is the secret is not changed (by setting YETI_AUTH_SECRET_KEY to a value other than SECRET). | |||
| CVE-2024-27686 | high | 7.5 | 7.5 | 28d ago | Mikrotik RouterOS (x86) 6.40.5 through 6.49.10 (fixed in 7) allows a remote attacker to cause a denial of service (device crash) via crafted packet data to the SMB service on TCP port 445. | |||
| CVE-2024-52911 | high | 7.5 | 7.5 | 1mo ago | Bitcoin Core through 28.x has a security issue, the details of which are not disclosed. The earliest affected version is 0.14. | |||
| CVE-2024-13971 | high | 7.5 | 7.5 | 1mo ago | Unauthenticated attackers can exploit a weakness in the XML parser functionality of Lobster_pro prior to version 4.12.6-GA. This allows them to obtain read access to files on the application server a… | |||
| CVE-2024-39847 | high | 7.5 | 7.5 | 1mo ago | Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain read access to files on the application server and adja… | |||
| CVE-2024-14033 | high | 7.5 | 7.5 | 2mo ago | Hirschmann EagleSDV firmware prior to 05.4.02 contains a denial-of-service vulnerability in TLS session establishment. Attackers can crash the device during TLS handshake by exploiting protocol downg… | |||
| CVE-2024-12146 | high | 7.5 | 7.5 | 1y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Finder Fire Safety Finder ERP/CRM (New System) allows SQL Injection. This issue affects Finder E… | |||
| CVE-2024-8261 | high | 7.5 | 7.5 | 1y ago | Authorization Bypass Through User-Controlled Key vulnerability in Proliz Software OBS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects OBS: before 24.0927. | |||
| CVE-2024-43333 | high | 7.5 | 7.5 | 1y ago | Incorrect Privilege Assignment vulnerability in NotFound Admin and Site Enhancements (ASE) Pro allows Privilege Escalation. This issue affects Admin and Site Enhancements (ASE) Pro: from n/a through … | |||
| CVE-2024-54508 | high | 7.5 | 7.5 | 1y ago | The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processi… | |||
| CVE-2024-56067 | high | 7.5 | 7.5 | 1y ago | Missing Authorization vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SuperBackup: from n/… | |||
| CVE-2024-21548 | high | 7.5 | 7.5 | 2y ago | Bun has an Application-level Prototype Pollution vulnerability in the runtime native API for Glo | |||
| CVE-2024-54279 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Tobias Keller WP-NERD Toolkit wp-nerd-toolkit.This issue affects WP-NERD Toolkit: from n/a through <= 1.1. | |||
| CVE-2024-53804 | high | 7.5 | 7.5 | 2y ago | Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster wp-mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through <= 1.8.16… | |||
| CVE-2024-52481 | high | 7.5 | 7.5 | 2y ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Astoundify Jobify jobify allows Relative Path Traversal.This issue affects Jobify: from n/a through < 4… | |||
| CVE-2024-7026 | high | 7.5 | 7.5 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Teknogis Informatics Closed Circuit Vehicle Tracking Software allows SQL Injection, Blind SQL Inj… | |||
| CVE-2024-52449 | high | 7.5 | 7.5 | 2y ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Navneil Naicer Bootscraper allows PHP Local File Inclusion.This issue affects Bootscraper: from n/a thr… | |||
| CVE-2024-49997 | high | 7.5 | 7.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiq_etop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclo… | |||
| CVE-2024-49317 | high | 7.5 | 7.5 | 2y ago | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ZIPANG Point Maker point-maker allows PHP Local File Inclusion.This issue affe… | |||
| CVE-2024-49235 | high | 7.5 | 7.5 | 2y ago | Insertion of Sensitive Information Into Sent Data vulnerability in videowhisper Contact Forms, Live Support, CRM, Video Messages live-support-tickets allows Retrieve Embedded Sensitive Data.This issu… | |||
| CVE-2024-49245 | high | 7.5 | 7.5 | 2y ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in nahimsalami Ahime Image Printer ahime-image-printer.This issue affects Ahime Image Printer: from n/a th… | |||
| CVE-2024-38863 | high | 7.5 | 7.5 | 2y ago | Exposure of CSRF tokens in query parameters on specific requests in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35 and <2.1.0p48 could lead to a leak of the token to facilitate targeted phishin… | |||
| CVE-2024-6400 | high | 7.5 | 7.5 | 2y ago | Cleartext Storage of Sensitive Information, Exposure of Sensitive Information Through Data Queries vulnerability in Finrota Netahsilat allows Retrieve Embedded Sensitive Data, Authentication Bypass, … | |||
| CVE-2024-8644 | high | 7.5 | 7.5 | 2y ago | Cleartext Storage of Sensitive Information in a Cookie vulnerability in Oceanic Software ValeApp allows Protocol Manipulation, : JSON Hijacking (aka JavaScript Hijacking). This issue affects ValeApp… | |||
| CVE-2024-8609 | high | 7.5 | 7.5 | 2y ago | Insertion of Sensitive Information into Log File vulnerability in Oceanic Software ValeApp allows Query System for Information. This issue affects ValeApp: before v2.0.0. | |||
| CVE-2024-7107 | high | 7.5 | 7.5 | 2y ago | Files or Directories Accessible to External Parties vulnerability in National Keep Cyber Security Services CyberMath allows Collect Data from Common Resource Locations. This issue affects CyberMath:… | |||
| CVE-2024-46382 | high | 7.5 | 7.5 | 2y ago | A SQL injection vulnerability in linlinjava litemall 1.8.0 allows a remote attacker to obtain sensitive information via the goodsId, goodsSn, and name parameters in AdminOrderController.java. | |||
| CVE-2024-6119 | high | 7.5 | 7.5 | 2y ago | Moderate: openssl security update | |||
| CVE-2024-45490 | high | 7.5 | 7.5 | 2y ago | RHSA-2024:6989: expat security update (Moderate) | |||
| CVE-2024-3306 | high | 7.5 | 7.5 | 2y ago | Authorization Bypass Through User-Controlled Key vulnerability in Utarit Information SoliClub allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SoliClub: be… | |||
| CVE-2024-3305 | high | 7.5 | 7.5 | 2y ago | Authorization Bypass Through User-Controlled Key, Missing Authorization vulnerability in Utarit Information SoliClub allows Retrieve Embedded Sensitive Data. This issue affects SoliClub: before 4.4… | |||
| CVE-2024-7609 | high | 7.5 | 7.5 | 2y ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Vidco Software VOC TESTER allows Path Traversal. This issue affects VOC TESTER: before 12.34.8. | |||
| CVE-2024-6445 | high | 7.5 | 7.5 | 2y ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in DataFlowX Technology DataDiodeX allows Path Traversal. This issue affects DataDiodeX: from v3.0.0 befo… | |||
| CVE-2024-1744 | high | 7.5 | 7.5 | 2y ago | Authorization Bypass Through User-Controlled Key, Missing Authorization vulnerability in Ariva Computer Accord ORS allows Retrieve Embedded Sensitive Data. This issue affects Accord ORS: before 7.3.… | |||
| CVE-2024-37370 | high | 7.5 | 7.5 | 2y ago | RHSA-2024:5312: krb5 security update (Moderate) | |||
| CVE-2024-6921 | high | 7.5 | 7.5 | 2y ago | Cleartext Storage of Sensitive Information vulnerability in NAC Telecommunication Systems Inc. NACPremium allows Retrieve Embedded Sensitive Data. This issue affects NACPremium: through 01082024. | |||
| CVE-2024-43955 | high | 7.5 | 7.5 | 2y ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themeum Droip allows File Manipulation.This issue affects Droip: from n/a through 1.1.1. | |||
| CVE-2024-41996 | high | 7.5 | 7.5 | 2y ago | Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expe… | |||
| CVE-2024-5862 | high | 7.5 | 7.5 | 2y ago | Improper Restriction of Excessive Authentication Attempts vulnerability in Mia Technology Inc. Mia-Med Health Aplication allows Interface Manipulation. This issue affects Mia-Med Health Aplication: … | |||
| CVE-2024-30101 | high | 7.5 | 7.5 | 2y ago | Microsoft Office Remote Code Execution Vulnerability | |||
| CVE-2024-32715 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import.This issue affects Olive One Click Demo Import: from n/a through 1.1.1. | |||
| CVE-2024-1272 | high | 7.5 | 7.5 | 2y ago | Inclusion of Sensitive Information in Source Code vulnerability in TNB Mobile Solutions Cockpit Software allows Retrieve Embedded Sensitive Data. This issue affects Cockpit Software: before v0.251.1. | |||
| CVE-2024-21746 | high | 7.5 | 7.5 | 2y ago | Authentication Bypass by Spoofing vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows Identity Spoofing.This issue affects Wp Ultimate Review: from n/a through <= 2.3.6. | |||
| CVE-2024-35166 | high | 7.5 | 7.5 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team Filebird.This issue affects Filebird: from n/a through 5.6.3. | |||
| CVE-2024-34559 | high | 7.5 | 7.5 | 2y ago | Insertion of Sensitive Information into Log File vulnerability in Ghost Foundation Ghost.This issue affects Ghost: from n/a through 1.4.0. | |||
| CVE-2024-32724 | high | 7.5 | 7.5 | 2y ago | Missing Authorization vulnerability in Woo product importer Sharkdropship dropshipping for Aliexpress, eBay, Amazon, etsy.This issue affects Sharkdropship dropshipping for Aliexpress, eBay, Amazon, e… |