2024 CVE Vulnerabilities

39,152 CVEs published in 2024.

| CVE ID | Severity | CVSS | Description |
|---|---|---|---|
| CVE-2024-23581 | MEDIUM | 6.7 | The HCL Traveler for Microsoft Outlook libraries are being flagged as potentially malicious software or an unrecognized ... |
| CVE-2024-51454 | MEDIUM | 6.1 | IBM Engineering Workflow Management 7.0.2 through 7.0.2 Interim Fix 035, 7.0.3 through 7.0.3 Interim Fix 017, and 7.1 th... |
| CVE-2024-54178 | MEDIUM | 6.5 | IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8,5.0,5.1,5.2,5.3 could allow an authen... |
| CVE-2024-58351 | CRITICAL | 9.3 | Flowise before 2.1.4 allows configuration to be injected into the Chainflow during execution via the overrideConfig opti... |
| CVE-2024-27928 | MEDIUM | 5.9 | vantage6 is an open-source infrastructure for privacy preserving analysis. Prior to version 5.0.0, if an attacker hacks ... |
| CVE-2024-24769 | LOW | 2.1 | vantage6 is an open-source infrastructure for privacy preserving analysis. Prior to version 5.0.0, users can reset their... |
| CVE-2024-47477 | MEDIUM | 6.5 | Dell PowerFlex Manager, versions prior to 4.5.1.1, contain an improper certificate validation vulnerability. A remote un... |
| CVE-2024-52488 | CRITICAL | 9.9 | Subscriber Arbitrary File Upload in Grip <= 1.0.9 versions. |
| CVE-2024-49269 | HIGH | 7.1 | Unauthenticated Cross Site Scripting (XSS) in my flatonica <= 0.0.8 versions. |
| CVE-2024-37496 | MEDIUM | 4.3 | Missing Authorization vulnerability in Rara Themes Metro Magazine allows Exploiting Incorrectly Configured Access Contro... |
| CVE-2024-37210 | MEDIUM | 6.5 | Missing Authorization vulnerability in ali2woo AliNext allows Exploiting Incorrectly Configured Access Control Security ... |
| CVE-2024-35690 | MEDIUM | 6.5 | Insertion of sensitive information into sent data vulnerability in MarketingFire Widget Options allows Retrieve Embedded... |
| CVE-2024-35648 | MEDIUM | 4.3 | Cross-Site request forgery (CSRF) vulnerability in Andy Moyle Emergency Password Reset allows Cross Site Request Forgery... |
| CVE-2024-34810 | MEDIUM | 4.3 | Cross-Site request forgery (CSRF) vulnerability in Extend Themes Skyline WP allows Cross Site Request Forgery. This iss... |
| CVE-2024-33909 | MEDIUM | 5.3 | Missing Authorization vulnerability in Avirtum iPages Flipbook allows Exploiting Incorrectly Configured Access Control S... |
| CVE-2024-33685 | MEDIUM | 4.3 | Missing Authorization vulnerability in Jegstudio Startupzy startupzy allows Exploiting Incorrectly Configured Access Con... |
| CVE-2024-32949 | HIGH | 8.3 | Missing Authorization vulnerability in Prince Integrate Google Drive allows Exploiting Incorrectly Configured Access Con... |
| CVE-2024-32729 | HIGH | 7.5 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in QuantumCloud Conversatio... |
| CVE-2024-31435 | MEDIUM | 4.3 | Missing Authorization vulnerability in Inisev Social Media & Share Icons allows Exploiting Incorrectly Configured Acce... |
| CVE-2024-24709 | MEDIUM | 4.3 | Missing Authorization vulnerability in Shareaholic allows Exploiting Incorrectly Configured Access Control Security Leve... |
| CVE-2024-39575 | HIGH | 7.4 | update_disk_psu_baseline.sh requires password in plain text |
| CVE-2024-38487 | HIGH | 7 | api-gateway container running with root privilege would allow an attacker to escape the container and access host system... |
| CVE-2024-30476 | MEDIUM | 5.4 | PowerStore contains a Stored Cross-Site Scripting Vulnerability in the PowerStore Manager. A remote authenticated low-pr... |
| CVE-2024-24909 | HIGH | 8.8 | Dell OpenManage Integration with Microsoft Windows Admin Center contains a Remote Code Execution vulnerability in the ga... |
| CVE-2024-22451 | MEDIUM | 6.7 | Dell Peripheral Manager, versions from 1.5.1 to 1.7.2, contain an uncontrolled search path element vulnerability. An att... |
