2024 CVE Vulnerabilities
39,152 CVEs published in 2024.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2024-24769 | LOW | 2.1 | 0.3% | Jun 17, 2026 | vantage6 is an open-source infrastructure for privacy preserving analysis. Prior to version 5.0.0, users can reset their... |
| CVE-2024-58350 | LOW | 2.1 | 0.1% | Jun 10, 2026 | Ghidra before 11.2 contains a use after free vulnerability in the Sleigh backend caused by undefined static initializati... |
| CVE-2024-42206 | LOW | 3.1 | 0.2% | Jun 2, 2026 | HCL iReflection Third party vulnerable and outdated components issue was detected in the web application |
| CVE-2024-47272 | LOW | 2.7 | 0.2% | May 27, 2026 | Incorrect authorization vulnerability in IO Module functionality in Synology Surveillance Station before 9.2.2-11575 and... |
| CVE-2024-47270 | LOW | 2.7 | 0.2% | May 27, 2026 | Improper preservation of permissions vulnerability in Archiving Push functionality in Synology Surveillance Station befo... |
| CVE-2024-47267 | LOW | 2.7 | 0.3% | May 27, 2026 | Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Archiving Pull functiona... |
| CVE-2024-21950 | LOW | 1.8 | 0.1% | May 15, 2026 | An out of bounds read in the remote management firmware could allow a privileged attacker read a limited section of memo... |
| CVE-2024-7083 | LOW | 3.5 | 0.2% | Apr 20, 2026 | The Email Encoder WordPress plugin before 2.3.4 does not sanitise and escape some of its settings, which could allow hi... |
| CVE-2024-14026 | LOW | 2 | 0.6% | Mar 11, 2026 | A command injection vulnerability has been reported to affect several QNAP operating system versions. If an attacker gai... |
| CVE-2024-14025 | LOW | 0.1 | 0.1% | Mar 11, 2026 | An SQL injection vulnerability has been reported to affect Video Station. If an attacker gains local network access who ... |
| CVE-2024-14024 | LOW | 0.1 | 0.1% | Mar 11, 2026 | An improper certificate validation vulnerability has been reported to affect Video Station. If an attacker gains local n... |
| CVE-2024-48928 | LOW | 2.7 | 0.3% | Feb 24, 2026 | Piwigo is an open source photo gallery application for the web. In versions on the 14.x branch, when installing, the sec... |
| CVE-2024-55271 | LOW | 3.5 | 0.1% | Feb 17, 2026 | A Cross-Site Request Forgery (CSRF) vulnerability has been identified in phpgurukul Gym Management System 1.0. This issu... |
| CVE-2024-56808 | LOW | 2 | 0.6% | Feb 11, 2026 | A command injection vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network... |
| CVE-2024-56807 | LOW | 1.7 | 0.1% | Feb 11, 2026 | An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local netwo... |
| CVE-2024-54556 | LOW | 2.4 | 0.2% | Jan 16, 2026 | This issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. A user may ... |
| CVE-2024-44210 | LOW | 3.3 | 0.2% | Jan 16, 2026 | This issue was addressed with improved permissions checking. This issue is fixed in macOS Sequoia 15.1. An app may be ab... |
| CVE-2024-14020 | LOW | 2.3 | 0.3% | Jan 7, 2026 | A weakness has been identified in carboneio carbone up to fbcd349077ad0e8748be73eab2a82ea92b6f8a7e. This impacts an unkn... |
| CVE-2024-56464 | LOW | 2.7 | 0.2% | Dec 9, 2025 | IBM QRadar SIEM 7.5 - 7.5.0 UP14 IF01 is affected by an information disclosure vulnerability involving exposure of direc... |
| CVE-2024-48341 | LOW | 3.7 | 0.2% | Sep 8, 2025 | dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/doAdminAction.... |
| CVE-2024-36331 | LOW | 3.2 | 0.1% | Sep 6, 2025 | Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SN... |
| CVE-2024-21977 | LOW | 3.2 | 0.1% | Sep 5, 2025 | Incomplete cleanup after loading a CPU microcode patch may allow a privileged attacker to degrade the entropy of the RDR... |
| CVE-2024-12923 | LOW | 2 | 0.2% | Aug 29, 2025 | A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If a remote attacker gains a user ... |
| CVE-2024-44271 | LOW | 3.3 | 0.1% | Aug 29, 2025 | The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2. An app may be able to record th... |
| CVE-2024-41985 | LOW | 2.1 | 0.2% | Aug 12, 2025 | A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 < V2506), SOA Au... |
Check if your code is affected by 2024 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now