2024 CVE Vulnerabilities
No CVEs published in 2024.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2024-5307 | LOW | 3.3 | 0.4% | Jun 6, 2024 | Kofax Power PDF AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows r... |
| CVE-2024-2213 | LOW | 3.3 | 0.2% | Jun 6, 2024 | An issue was discovered in zenml-io/zenml versions up to and including 0.55.4. Due to improper authentication mechanisms... |
| CVE-2024-2032 | LOW | 3.1 | 0.3% | Jun 6, 2024 | A race condition vulnerability exists in zenml-io/zenml versions up to and including 0.55.3, which allows for the creati... |
| CVE-2024-20885 | LOW | 3.3 | 0.1% | Jun 4, 2024 | Improper component protection vulnerability in Samsung Dialer prior to SMR May-2024 Release 1 allows local attackers to ... |
| CVE-2024-31684 | LOW | 3.5 | 0.2% | Jun 3, 2024 | Incorrect access control in the fingerprint authentication mechanism of Bitdefender Mobile Security v4.11.3-gms allows a... |
| CVE-2024-35196 | LOW | 2 | 0.6% | May 31, 2024 | Sentry is a developer-first error tracking and performance monitoring platform. Sentry's Slack integration incorrectly r... |
| CVE-2024-36119 | LOW | 1.8 | 0.1% | May 30, 2024 | Statamic is a, Laravel + Git powered CMS designed for building websites. In affected versions users registering via the ... |
| CVE-2024-4330 | LOW | 3.3 | 0.3% | May 30, 2024 | A path traversal vulnerability was identified in the parisneo/lollms-webui repository, specifically within version 9.6. ... |
| CVE-2024-34715 | LOW | 3.3 | 0.3% | May 29, 2024 | Fides is an open-source privacy engineering platform. The Fides webserver requires a connection to a hosted PostgreSQL d... |
| CVE-2024-35311 | LOW | 3.3 | 0.2% | May 29, 2024 | Yubico YubiKey 5 Series before 5.7.0, Security Key Series before 5.7.0, YubiKey Bio Series before 5.6.4, and YubiKey 5 F... |
| CVE-2024-35403 | LOW | 2.7 | 0.4% | May 28, 2024 | TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function... |
| CVE-2024-32944 | LOW | 3.3 | 0.2% | May 28, 2024 | Path traversal vulnerability exists in UTAU versions prior to v0.4.19. If a user of the product installs a crafted UTAU ... |
| CVE-2024-27314 | LOW | 2.4 | 1.9% | May 27, 2024 | Zoho ManageEngine ServiceDesk Plus versions below 14730, ServiceDesk Plus MSP below 14720 and SupportCenter Plus below 1... |
| CVE-2024-35232 | LOW | 3.7 | 0.5% | May 24, 2024 | github.com/huandu/facebook is a Go package that fully supports the Facebook Graph API with file upload, batch request an... |
| CVE-2024-32969 | LOW | 2.7 | 0.3% | May 23, 2024 | vantage6 is an open-source infrastructure for privacy preserving analysis. Collaboration administrators can add extra or... |
| CVE-2024-3920 | LOW | 3.5 | 0.4% | May 23, 2024 | The Flattr WordPress plugin through 1.2.2 does not sanitise and escape some of its settings, which could allow high priv... |
| CVE-2024-2220 | LOW | 3.5 | 0.3% | May 23, 2024 | The Button contact VR WordPress plugin through 4.7 does not sanitise and escape some of its settings, which could allow ... |
| CVE-2024-34274 | LOW | 3.9 | 0.2% | May 21, 2024 | OpenBD 20210306203917-6cbe797 is vulnerable to Deserialization of Untrusted Data. The cookies bdglobals and bdclient_spo... |
| CVE-2024-35935 | LOW | 3.3 | 0.2% | May 19, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: send: handle path ref underflow in header it... |
| CVE-2024-32708 | LOW | 3.7 | 0.4% | May 17, 2024 | Authentication Bypass by Spoofing vulnerability in helderk Maintenance Mode allows Functionality Bypass.This issue affec... |
| CVE-2024-4214 | LOW | 2.7 | 0.4% | May 17, 2024 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS vulnerability in Bill Minozzi Car Dealer al... |
| CVE-2024-30480 | LOW | 3.7 | 0.5% | May 17, 2024 | Authentication Bypass by Spoofing vulnerability in Pippin Williamson CGC Maintenance Mode allows Functionality Bypass.Th... |
| CVE-2024-22139 | LOW | 3.7 | 0.4% | May 17, 2024 | Authentication Bypass by Spoofing vulnerability in Filipe Seabra WordPress Manutenção allows Functionality Bypass.This i... |
| CVE-2024-22384 | LOW | 2.8 | 0.2% | May 16, 2024 | Out-of-bounds read for some Intel(R) Trace Analyzer and Collector software before version 2022.0.0 published Nov 2023 ma... |
| CVE-2024-31226 | LOW | 2.9 | 0.2% | May 16, 2024 | Sunshine is a self-hosted game stream host for Moonlight. Users who ran Sunshine versions 0.17.0 through 0.22.2 as a ser... |
Check if your code is affected by 2024 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now