2024 CVE Vulnerabilities
No CVEs published in 2024.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2024-39157 | LOW | 3.8 | 0.2% | Jun 27, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ipRecord_deal.php?mu... |
| CVE-2024-39156 | LOW | 3.8 | 0.2% | Jun 27, 2024 | idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/keyWord_deal.php?mud... |
| CVE-2024-39458 | LOW | 3.1 | 0.4% | Jun 26, 2024 | When Jenkins Structs Plugin 337.v1b_04ea_4df7c8 and earlier fails to configure a build step, it logs a warning message c... |
| CVE-2024-6344 | LOW | 1.9 | 0.4% | Jun 26, 2024 | A vulnerability, which was classified as problematic, was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. This affects an ... |
| CVE-2024-28830 | LOW | 2.7 | 0.3% | Jun 26, 2024 | Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p7, <2.2.0p28, <2.1.0p45 and <... |
| CVE-2024-21520 | LOW | 2.1 | 1.1% | Jun 26, 2024 | Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_lon... |
| CVE-2024-37141 | LOW | 3.5 | 0.3% | Jun 26, 2024 | Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an open redirect vulnerab... |
| CVE-2024-29177 | LOW | 2.7 | 0.3% | Jun 26, 2024 | Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a disclosure of temporary... |
| CVE-2024-38364 | LOW | 2.6 | 0.4% | Jun 26, 2024 | DSpace is an open source software is a turnkey repository application used by more than 2,000 organizations and institut... |
| CVE-2024-6299 | LOW | 3.7 | 0.2% | Jun 25, 2024 | Lack of consideration of key expiry when validating signatures in Conduit, allowing an attacker which has compromised an... |
| CVE-2024-6295 | LOW | 3.9 | 0.2% | Jun 25, 2024 | udn News Android APP stores the unencrypted user session in the local database when user log into the application. A mal... |
| CVE-2024-6294 | LOW | 3.9 | 0.2% | Jun 25, 2024 | udn News Android APP stores the user session in logcat file when user log into the APP. A malicious APP or an attacker w... |
| CVE-2024-4839 | LOW | 3.3 | 0.2% | Jun 24, 2024 | A Cross-Site Request Forgery (CSRF) vulnerability exists in the 'Servers Configurations' function of the parisneo/lollms... |
| CVE-2024-3121 | LOW | 3.3 | 0.4% | Jun 24, 2024 | A remote code execution vulnerability exists in the create_conda_env function of the parisneo/lollms repository, version... |
| CVE-2024-4841 | LOW | 3.3 | 0.7% | Jun 23, 2024 | A Path Traversal vulnerability exists in the parisneo/lollms-webui, specifically within the 'add_reference_to_local_mode... |
| CVE-2024-21517 | LOW | 1.2 | 0.4% | Jun 22, 2024 | This affects versions of the package opencart/opencart from 4.0.0.0. A reflected XSS issue was identified in the redirec... |
| CVE-2024-21516 | LOW | 1.2 | 0.4% | Jun 22, 2024 | This affects versions of the package opencart/opencart from 4.0.0.0 and before 4.1.0.0. A reflected XSS issue was identi... |
| CVE-2024-21515 | LOW | 1.2 | 0.4% | Jun 22, 2024 | This affects versions of the package opencart/opencart from 4.0.0.0. A reflected XSS issue was identified in the filenam... |
| CVE-2024-38388 | LOW | 3.3 | 0.2% | Jun 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/cs_dsp_ctl: Use private_free for control ... |
| CVE-2024-37352 | LOW | 3.4 | 0.3% | Jun 20, 2024 | There is a cross-site scripting vulnerability in the management UI of Absolute Secure Access prior to version 13.06 that... |
| CVE-2024-37351 | LOW | 3.4 | 0.3% | Jun 20, 2024 | There is a cross-site scripting vulnerability in the management UI of Absolute Secure Access prior to version 13.06. Att... |
| CVE-2024-37349 | LOW | 3.4 | 0.3% | Jun 20, 2024 | There is a cross-site scripting vulnerability in the management UI of Absolute Secure Access prior to version 13.06. Att... |
| CVE-2024-37348 | LOW | 3.4 | 0.3% | Jun 20, 2024 | There is a cross-site scripting vulnerability in the management UI of Absolute Secure Access prior to version 13.06. Att... |
| CVE-2024-37347 | LOW | 3.4 | 0.3% | Jun 20, 2024 | There is a cross-site scripting vulnerability in the pool configuration component of the management UI of Absolute Secur... |
| CVE-2024-37344 | LOW | 3.4 | 0.3% | Jun 20, 2024 | There is a cross-site scripting vulnerability in the Policy management UI of Absolute Secure Access prior to version 13.... |
Check if your code is affected by 2024 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now