2024 CVE Vulnerabilities
No CVEs published in 2024.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2024-51481 | LOW | 1 | 0.2% | Oct 31, 2024 | Nix is a package manager for Linux and other Unix systems. On macOS, built-in builders (such as `builtin:fetchurl`, expo... |
| CVE-2024-10228 | LOW | 3.3 | 0.1% | Oct 29, 2024 | The Vagrant VMWare Utility Windows installer targeted a custom location with a non-protected path that could be modified... |
| CVE-2024-10452 | LOW | 2.7 | 0.5% | Oct 29, 2024 | Organization admins can delete pending invites created in an organization they are not part of. |
| CVE-2024-41156 | LOW | 2.7 | 0.4% | Oct 29, 2024 | Profile files from TRO600 series radios are extracted in plain-text and encrypted file formats. Profile files provide po... |
| CVE-2024-44265 | LOW | 2.4 | 0.6% | Oct 28, 2024 | The issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sequoia 15.1, ma... |
| CVE-2024-44251 | LOW | 2.4 | 0.3% | Oct 28, 2024 | This issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. An attacker... |
| CVE-2024-44222 | LOW | 3.3 | 0.2% | Oct 28, 2024 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.1, ma... |
| CVE-2024-44123 | LOW | 2.3 | 0.2% | Oct 28, 2024 | A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequo... |
| CVE-2024-40853 | LOW | 3.3 | 0.2% | Oct 28, 2024 | This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18 and iPadOS 18.... |
| CVE-2024-40851 | LOW | 2.4 | 0.2% | Oct 28, 2024 | This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 18.1 and iPadOS 1... |
| CVE-2024-40792 | LOW | 3.3 | 0.1% | Oct 28, 2024 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A malicious app... |
| CVE-2024-27849 | LOW | 3.3 | 0.2% | Oct 28, 2024 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia... |
| CVE-2024-49755 | LOW | 3.1 | 0.3% | Oct 28, 2024 | Duende IdentityServer is an OpenID Connect and OAuth 2.x framework for ASP.NET Core. IdentityServer's local API authenti... |
| CVE-2024-5532 | LOW | 1.8 | 0.2% | Oct 28, 2024 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText™ O... |
| CVE-2024-10214 | LOW | 3.5 | 0.4% | Oct 28, 2024 | Mattermost versions 9.11.X <= 9.11.1, 9.5.x <= 9.5.9 icorrectly issues two sessions when using desktop SSO - one in the ... |
| CVE-2024-8013 | LOW | 3.3 | 0.1% | Oct 28, 2024 | A bug in query analysis of certain complex self-referential $lookup subpipelines may result in literal values in express... |
| CVE-2024-23843 | LOW | 2.2 | 0.2% | Oct 28, 2024 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Genians Genian NAC... |
| CVE-2024-50610 | LOW | 3.6 | 0.3% | Oct 27, 2024 | GSL (GNU Scientific Library) through 2.8 has an integer signedness error in gsl_siman_solve_many in siman/siman.c. When ... |
| CVE-2024-47821 | LOW | 2.3 | 0.7% | Oct 25, 2024 | pyLoad is a free and open-source Download Manager. The folder `/.pyload/scripts` has scripts which are run when certain ... |
| CVE-2024-10372 | LOW | 2 | 0.3% | Oct 25, 2024 | A vulnerability classified as problematic was found in chidiwilliams buzz 1.1.0. This vulnerability affects the function... |
| CVE-2024-49751 | LOW | 1.2 | 0.5% | Oct 23, 2024 | Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-... |
| CVE-2024-49208 | LOW | 3.1 | 0.3% | Oct 22, 2024 | Archer Platform 2024.03 before version 2024.08 is affected by an authorization bypass vulnerability related to supportin... |
| CVE-2024-48926 | LOW | 3.1 | 0.2% | Oct 22, 2024 | Umbraco, a free and open source .NET content management system, has an insufficient session expiration issue in versions... |
| CVE-2024-43173 | LOW | 3.7 | 0.2% | Oct 22, 2024 | IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the SameSite attribute. |
| CVE-2024-50057 | LOW | 3.3 | 0.2% | Oct 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: typec: tipd: Free IRQ only if it was requested... |
Check if your code is affected by 2024 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now