2024 CVE Vulnerabilities
39,152 CVEs published in 2024.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2024-3471 | LOW | 3.4 | 0.2% | May 2, 2024 | The Button Generator WordPress plugin before 3.0 does not have CSRF check in place when bulk deleting, which could allo... |
| CVE-2024-26992 | LOW | 3.3 | 0.2% | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: KVM: x86/pmu: Disable support for adaptive PEBS Dr... |
| CVE-2024-4226 | LOW | 3.5 | 0.3% | Apr 30, 2024 | It was identified that in certain versions of Octopus Server, that a user created with no permissions could view all use... |
| CVE-2024-4327 | LOW | 3.5 | 0.5% | Apr 30, 2024 | A vulnerability was found in Apryse WebViewer up to 10.8.0. It has been classified as problematic. This affects an unkno... |
| CVE-2024-31747 | LOW | 2.1 | 0.3% | Apr 29, 2024 | An issue in Yealink VP59 Microsoft Teams Phone firmware 91.15.0.118 (fixed in 122.15.0.142) allows a physically proximat... |
| CVE-2024-32268 | LOW | 3.3 | 0.2% | Apr 29, 2024 | An issue in Tuya Smart camera U6N v.3.2.5 allows a remote attacker to cause a denial of service via a crafted packet to ... |
| CVE-2024-3034 | LOW | 2.7 | 0.7% | Apr 27, 2024 | The BackUpWordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.13... |
| CVE-2024-3076 | LOW | 3.8 | 0.2% | Apr 26, 2024 | The MM-email2image WordPress plugin through 0.2.5 does not have CSRF check in some places, and is missing sanitisation a... |
| CVE-2024-4198 | LOW | 2.7 | 0.5% | Apr 26, 2024 | Mattermost versions 9.6.0, 9.5.x before 9.5.3, and 8.1.x before 8.1.12 fail to fully validate role changes which allows ... |
| CVE-2024-4195 | LOW | 2.7 | 0.5% | Apr 26, 2024 | Mattermost versions 9.6.0, 9.5.x before 9.5.3, and 8.1.x before 8.1.12 fail to fully validate role changes, which allows... |
| CVE-2024-32236 | LOW | 3.5 | 0.4% | Apr 25, 2024 | An issue in CmsEasy v.7.7 and before allows a remote attacker to obtain sensitive information via the update function in... |
| CVE-2024-23228 | LOW | 3.3 | 0.3% | Apr 24, 2024 | This issue was addressed through improved state management. This issue is fixed in iOS 17.3 and iPadOS 17.3. Locked Note... |
| CVE-2024-2972 | LOW | 3.8 | 0.4% | Apr 24, 2024 | The Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button ... |
| CVE-2024-4063 | LOW | 3.7 | 0.3% | Apr 23, 2024 | A vulnerability was found in EZVIZ CS-C6-21WFR-8 5.2.7 Build 170628. It has been classified as problematic. This affects... |
| CVE-2024-4062 | LOW | 3.7 | 0.4% | Apr 23, 2024 | A vulnerability was found in Hualai Xiaofang iSC5 3.2.2_112 and classified as problematic. Affected by this issue is som... |
| CVE-2024-32482 | LOW | 2.2 | 0.1% | Apr 23, 2024 | The Tillitis TKey signer device application is an ed25519 signing tool. A vulnerability has been found that makes it pos... |
| CVE-2024-3177 | LOW | 2.7 | 2.2% | Apr 22, 2024 | A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable sec... |
| CVE-2024-32405 | LOW | 2.6 | 0.5% | Apr 22, 2024 | Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via... |
| CVE-2024-29733 | LOW | 2.7 | 0.6% | Apr 21, 2024 | Improper Certificate Validation vulnerability in Apache Airflow FTP Provider. The FTP hook lacks complete certificate v... |
| CVE-2024-31991 | LOW | 3.5 | 0.3% | Apr 19, 2024 | Mealie is a self hosted recipe manager and meal planner. Prior to 1.4.0, the safe_scrape_html function utilizes a user-c... |
| CVE-2024-29963 | LOW | 3.8 | 0.2% | Apr 19, 2024 | Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded TLS keys used by Docker. Note: Brocade SANnav doesn't ... |
| CVE-2024-32325 | LOW | 2.4 | 0.5% | Apr 18, 2024 | TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the ssid parameter in ... |
| CVE-2024-28076 | LOW | 3.8 | 0.3% | Apr 18, 2024 | The SolarWinds Platform was susceptible to a Arbitrary Open Redirection Vulnerability. A potential attacker can redirect... |
| CVE-2024-3932 | LOW | 1.3 | 0.3% | Apr 18, 2024 | A vulnerability classified as problematic has been found in Totara LMS up to 18.7. This affects an unknown part of the c... |
| CVE-2024-3931 | LOW | 2 | 0.4% | Apr 18, 2024 | A vulnerability was found in Totara LMS up to 18.7. It has been rated as problematic. Affected by this issue is some unk... |
Check if your code is affected by 2024 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now