2024 CVE Vulnerabilities
No CVEs published in 2024.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2024-52587 | LOW | 2.7 | 2.7% | Nov 18, 2024 | StepSecurity's Harden-Runner provides network egress filtering and runtime security for GitHub-hosted and self-hosted ru... |
| CVE-2024-52585 | LOW | 1.2 | 0.3% | Nov 18, 2024 | Autolab is a course management service that enables auto-graded programming assignments. There is an HTML injection vuln... |
| CVE-2024-47820 | LOW | 3.5 | 0.7% | Nov 18, 2024 | MarkUs, a web application for the submission and grading of student assignments, is vulnerable to path traversal in vers... |
| CVE-2024-5030 | LOW | 3.8 | 0.2% | Nov 18, 2024 | The CM Table Of Contents WordPress plugin before 1.2.3 does not have CSRF check in place when resetting its settings, w... |
| CVE-2024-52514 | LOW | 3.5 | 0.5% | Nov 15, 2024 | Nextcloud Server is a self hosted personal cloud system. After a user received a share with some files inside being bloc... |
| CVE-2024-46383 | LOW | 2.4 | 0.3% | Nov 15, 2024 | Hathway Skyworth Router CM5100-511 v4.1.1.24 was discovered to store sensitive information about USB and Wifi connected ... |
| CVE-2024-10977 | LOW | 3.7 | 0.4% | Nov 14, 2024 | Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnis... |
| CVE-2024-5917 | LOW | 2.1 | 0.5% | Nov 14, 2024 | A server-side request forgery in PAN-OS software enables an authenticated attacker with administrative privileges to use... |
| CVE-2024-38660 | LOW | 2 | 0.2% | Nov 13, 2024 | Protection mechanism failure in the SPP for some Intel(R) Xeon(R) processor family (E-Core) may allow an authenticated u... |
| CVE-2024-34776 | LOW | 2 | 0.1% | Nov 13, 2024 | Out-of-bounds write in some Intel(R) SGX SDK software may allow an authenticated user to potentially enable escalation o... |
| CVE-2024-32667 | LOW | 2.4 | 0.2% | Nov 13, 2024 | Out-of-bounds read for some OpenCL(TM) software may allow an authenticated user to potentially enable denial of service ... |
| CVE-2024-32485 | LOW | 2.4 | 0.2% | Nov 13, 2024 | Improper Input Validation in some Intel(R) VROC software before version 8.6.0.2003 may allow an authenticated user to po... |
| CVE-2024-28051 | LOW | 1 | 0.2% | Nov 13, 2024 | Out-of-bounds read in some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially en... |
| CVE-2024-28030 | LOW | 1 | 0.2% | Nov 13, 2024 | NULL pointer dereference in some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentia... |
| CVE-2024-21808 | LOW | 1 | 0.2% | Nov 13, 2024 | Improper buffer restrictions in some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to pote... |
| CVE-2024-21783 | LOW | 2.4 | 0.2% | Nov 13, 2024 | Integer overflow for some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially ena... |
| CVE-2024-35274 | LOW | 2.3 | 0.2% | Nov 12, 2024 | An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fortinet For... |
| CVE-2024-9842 | LOW | 3.3 | 0.2% | Nov 12, 2024 | Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to crea... |
| CVE-2024-51749 | LOW | 3.5 | 0.3% | Nov 12, 2024 | Element is a Matrix web client built using the Matrix React SDK. Versions of Element Web and Desktop earlier than 1.11.8... |
| CVE-2024-11126 | LOW | 2.3 | 0.3% | Nov 12, 2024 | A vulnerability was found in Digistar AG-30 Plus 2.6b. It has been classified as problematic. Affected is an unknown fun... |
| CVE-2024-50560 | LOW | 2.3 | 0.3% | Nov 12, 2024 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM... |
| CVE-2024-47799 | LOW | 3.5 | 0.2% | Nov 12, 2024 | Exposure of sensitive system information to an unauthorized control sphere issue exists in Mesh Wi-Fi router RP562B firm... |
| CVE-2024-48838 | LOW | 3.3 | 0.2% | Nov 12, 2024 | Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a Files or Directories Acc... |
| CVE-2024-10672 | LOW | 2.7 | 0.5% | Nov 12, 2024 | The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to arbitrary file deletion due to insufficie... |
| CVE-2024-47587 | LOW | 3.5 | 0.2% | Nov 12, 2024 | Cash Operations does not perform necessary authorization check for an authenticated user, resulting in escalation of pri... |
Check if your code is affected by 2024 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now