2024 CVE Vulnerabilities
39,152 CVEs published in 2024.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2024-52286 | LOW | 2 | 0.5% | Nov 11, 2024 | Stirling-PDF is a locally hosted web application that allows you to perform various operations on PDF files. In affected... |
| CVE-2024-43427 | LOW | 3.7 | 0.3% | Nov 11, 2024 | A flaw was found in moodle. When creating an export of site administration presets, some sensitive secrets and keys are ... |
| CVE-2024-47190 | LOW | 2.7 | 0.3% | Nov 8, 2024 | Northern.tech Hosted Mender before 2024.07.11 allows SSRF. |
| CVE-2024-50211 | LOW | 3.3 | 0.2% | Nov 8, 2024 | In the Linux kernel, the following vulnerability has been resolved: udf: refactor inode_bmap() to handle error Refacto... |
| CVE-2024-51993 | LOW | 3.4 | 0.1% | Nov 7, 2024 | Combodo iTop is a web based IT Service Management tool. An attacker accessing a backup file or the database can read som... |
| CVE-2024-51758 | LOW | 2.3 | 0.5% | Nov 7, 2024 | Filament is a collection of full-stack components for accelerated Laravel development. All Filament features that intera... |
| CVE-2024-30142 | LOW | 3.8 | 0.1% | Nov 7, 2024 | HCL BigFix Compliance is affected by a missing secure flag on a cookie. If a secure flag is not set, cookies may be sto... |
| CVE-2024-50343 | LOW | 3.1 | 0.5% | Nov 6, 2024 | symfony/validator is a module for the Symphony PHP framework which provides tools to validate values. It is possible to ... |
| CVE-2024-50341 | LOW | 3.1 | 0.3% | Nov 6, 2024 | symfony/security-bundle is a module for the Symphony PHP framework which provides a tight integration of the Security co... |
| CVE-2024-51755 | LOW | 2.2 | 0.4% | Nov 6, 2024 | Twig is a template language for PHP. In a sandbox, an attacker can access attributes of Array-like objects as they were ... |
| CVE-2024-51754 | LOW | 2.2 | 0.4% | Nov 6, 2024 | Twig is a template language for PHP. In a sandbox, an attacker can call `__toString()` on an object even if the `__toStr... |
| CVE-2024-10920 | LOW | 2.3 | 0.4% | Nov 6, 2024 | A vulnerability was found in mariazevedo88 travels-java-api up to 5.0.1 and classified as problematic. Affected by this ... |
| CVE-2024-34682 | LOW | 2.4 | 0.2% | Nov 6, 2024 | Improper authorization in Settings prior to SMR Nov-2024 Release 1 allows physical attackers to access stored WiFi passw... |
| CVE-2024-34677 | LOW | 3.3 | 0.1% | Nov 6, 2024 | Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious a... |
| CVE-2024-51756 | LOW | 2.3 | 0.6% | Nov 5, 2024 | The cap-std project is organized around the eponymous `cap-std` crate, and develops libraries to make it easy to write c... |
| CVE-2024-51745 | LOW | 2.3 | 0.8% | Nov 5, 2024 | Wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's filesystem sandbox implementation on Windows blocks ac... |
| CVE-2024-51753 | LOW | 2.1 | 0.2% | Nov 5, 2024 | The AuthKit library for Remix provides convenient helpers for authentication and session management using WorkOS & AuthK... |
| CVE-2024-51752 | LOW | 2.1 | 0.2% | Nov 5, 2024 | The AuthKit library for Next.js provides convenient helpers for authentication and session management using WorkOS & Aut... |
| CVE-2024-51746 | LOW | 1.8 | 0.1% | Nov 5, 2024 | Gitsign is a keyless Sigstore to signing tool for Git commits with your a GitHub / OIDC identity. gitsign may select the... |
| CVE-2024-50092 | LOW | 3.3 | 0.2% | Nov 5, 2024 | In the Linux kernel, the following vulnerability has been resolved: net: netconsole: fix wrong warning A warning is tr... |
| CVE-2024-51744 | LOW | 3.1 | 0.5% | Nov 4, 2024 | golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in `ParseWithClaims` c... |
| CVE-2024-10749 | LOW | 2.3 | 0.5% | Nov 4, 2024 | A vulnerability, which was classified as critical, was found in ThinkAdmin up to 6.1.67. Affected is the function script... |
| CVE-2024-10748 | LOW | 2 | 0.3% | Nov 4, 2024 | A vulnerability, which was classified as problematic, has been found in Cosmote Greece What's Up App 4.47.3 on Android. ... |
| CVE-2024-39639 | LOW | 3.5 | 0.2% | Nov 1, 2024 | Broken Access Control vulnerability in Nickolas Bossinas WordPress File Upload allows Exploiting Incorrectly Configured ... |
| CVE-2024-7883 | LOW | 3.7 | 0.5% | Oct 31, 2024 | When using Arm Cortex-M Security Extensions (CMSE), Secure stack contents can be leaked to Non-secure state via floatin... |
Check if your code is affected by 2024 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now