2024 CVE Vulnerabilities
39,152 CVEs published in 2024.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2024-45687 | LOW | 2.4 | 0.2% | Jan 21, 2025 | Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') vulnerability in Payara Pl... |
| CVE-2024-22349 | LOW | 3.3 | 0.2% | Jan 20, 2025 | IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 allows web pages to be stored locally which c... |
| CVE-2024-13524 | LOW | 2 | 0.2% | Jan 20, 2025 | A vulnerability has been found in obsproject OBS Studio up to 30.0.2 on Windows and classified as problematic. Affected ... |
| CVE-2024-54681 | LOW | 2 | 0.3% | Jan 17, 2025 | Multiple bash files were present in the application's private directory. Bash files can be used on their own, by an att... |
| CVE-2024-45832 | LOW | 2 | 0.3% | Jan 17, 2025 | Hard-coded credentials were included as part of the application binary. These credentials served as part of the applica... |
| CVE-2024-37181 | LOW | 2.1 | 0.1% | Jan 16, 2025 | Time-of-check time-of-use race condition in some Intel(R) Neural Compressor software before version v3.0 may allow an au... |
| CVE-2024-57611 | LOW | 3.5 | 0.1% | Jan 16, 2025 | 07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/doAdminAction.php?act=editShop&s... |
| CVE-2024-57159 | LOW | 3.5 | 0.1% | Jan 16, 2025 | 07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaWorkReport/add.... |
| CVE-2024-55503 | LOW | 3.3 | 0.4% | Jan 15, 2025 | An issue in termius before v.9.9.0 allows a local attacker to execute arbitrary code via a crafted script to the DYLD_IN... |
| CVE-2024-53407 | LOW | 3.3 | 0.5% | Jan 15, 2025 | In Phiewer 4.1.0, a dylib injection leads to Command Execution which allow attackers to inject dylib file potentially le... |
| CVE-2024-40839 | LOW | 2.4 | 0.2% | Jan 15, 2025 | This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker... |
| CVE-2024-5198 | LOW | 3.3 | 0.1% | Jan 15, 2025 | OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O control messages with inval... |
| CVE-2024-57898 | LOW | 3.3 | 0.2% | Jan 15, 2025 | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear link ID from bitmap during li... |
| CVE-2024-52006 | LOW | 2.1 | 1.0% | Jan 14, 2025 | Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-... |
| CVE-2024-50349 | LOW | 2.1 | 0.6% | Jan 14, 2025 | Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-... |
| CVE-2024-55593 | LOW | 2.7 | 0.4% | Jan 14, 2025 | A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiWeb versions 6.3... |
| CVE-2024-50564 | LOW | 3.3 | 0.2% | Jan 14, 2025 | A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all versions, 7.0.x all versio... |
| CVE-2024-46665 | LOW | 3.7 | 0.5% | Jan 14, 2025 | An insertion of sensitive information into sent data vulnerability [CWE-201] in FortiOS 7.6.0, 7.4.0 through 7.4.4 may a... |
| CVE-2024-45385 | LOW | 2.1 | 0.3% | Jan 14, 2025 | A vulnerability has been identified in Industrial Edge Management OS (IEM-OS) (All versions). Affected components are vu... |
| CVE-2024-51491 | LOW | 3.3 | 0.2% | Jan 13, 2025 | notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specificati... |
| CVE-2024-42179 | LOW | 2.7 | 0.2% | Jan 12, 2025 | HCL MyXalytics is affected by sensitive information disclosure vulnerability. The HTTP response header exposes the Micr... |
| CVE-2024-42174 | LOW | 3.7 | 0.3% | Jan 11, 2025 | HCL MyXalytics is affected by username enumeration vulnerability. This allows a malicious user to perform enumeration o... |
| CVE-2024-13308 | LOW | 3.8 | 0.2% | Jan 9, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Browser Bac... |
| CVE-2024-13293 | LOW | 3.1 | 0.1% | Jan 9, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Drupal POST File allows Cross Site Request Forgery.This issue affects... |
| CVE-2024-13261 | LOW | 3.5 | 0.1% | Jan 9, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Drupal Acquia DAM allows Cross Site Request Forgery.This issue affect... |
Check if your code is affected by 2024 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now