2024 CVE Vulnerabilities

39,152 CVEs published in 2024.

Filter: MEDIUM
| CVE ID | Severity | CVSS | Description |
|---|---|---|---|
| CVE-2024-23581 | MEDIUM | 6.7 | The HCL Traveler for Microsoft Outlook libraries are being flagged as potentially malicious software or an unrecognized ... |
| CVE-2024-51454 | MEDIUM | 6.1 | IBM Engineering Workflow Management 7.0.2 through 7.0.2 Interim Fix 035, 7.0.3 through 7.0.3 Interim Fix 017, and 7.1 th... |
| CVE-2024-54178 | MEDIUM | 6.5 | IBM Db2 on Cloud Pak for Data and Db2 Warehouse on Cloud Pak for Data versions 4.8,5.0,5.1,5.2,5.3 could allow an authen... |
| CVE-2024-27928 | MEDIUM | 5.9 | vantage6 is an open-source infrastructure for privacy preserving analysis. Prior to version 5.0.0, if an attacker hacks ... |
| CVE-2024-47477 | MEDIUM | 6.5 | Dell PowerFlex Manager, versions prior to 4.5.1.1, contain an improper certificate validation vulnerability. A remote un... |
| CVE-2024-37496 | MEDIUM | 4.3 | Missing Authorization vulnerability in Rara Themes Metro Magazine allows Exploiting Incorrectly Configured Access Contro... |
| CVE-2024-37210 | MEDIUM | 6.5 | Missing Authorization vulnerability in ali2woo AliNext allows Exploiting Incorrectly Configured Access Control Security ... |
| CVE-2024-35690 | MEDIUM | 6.5 | Insertion of sensitive information into sent data vulnerability in MarketingFire Widget Options allows Retrieve Embedded... |
| CVE-2024-35648 | MEDIUM | 4.3 | Cross-Site request forgery (CSRF) vulnerability in Andy Moyle Emergency Password Reset allows Cross Site Request Forgery... |
| CVE-2024-34810 | MEDIUM | 4.3 | Cross-Site request forgery (CSRF) vulnerability in Extend Themes Skyline WP allows Cross Site Request Forgery. This iss... |
| CVE-2024-33909 | MEDIUM | 5.3 | Missing Authorization vulnerability in Avirtum iPages Flipbook allows Exploiting Incorrectly Configured Access Control S... |
| CVE-2024-33685 | MEDIUM | 4.3 | Missing Authorization vulnerability in Jegstudio Startupzy startupzy allows Exploiting Incorrectly Configured Access Con... |
| CVE-2024-31435 | MEDIUM | 4.3 | Missing Authorization vulnerability in Inisev Social Media & Share Icons allows Exploiting Incorrectly Configured Acce... |
| CVE-2024-24709 | MEDIUM | 4.3 | Missing Authorization vulnerability in Shareaholic allows Exploiting Incorrectly Configured Access Control Security Leve... |
| CVE-2024-30476 | MEDIUM | 5.4 | PowerStore contains a Stored Cross-Site Scripting Vulnerability in the PowerStore Manager. A remote authenticated low-pr... |
| CVE-2024-22451 | MEDIUM | 6.7 | Dell Peripheral Manager, versions from 1.5.1 to 1.7.2, contain an uncontrolled search path element vulnerability. An att... |
| CVE-2024-45636 | MEDIUM | 4.4 | IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileg... |
| CVE-2024-32110 | MEDIUM | 4.3 | Cross-Site request forgery (CSRF) vulnerability in Magepeople inc. WpEvently allows Cross Site Request Forgery. This is... |
| CVE-2024-21944 | MEDIUM | 5.3 | Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker with physical access, r... |
| CVE-2024-27891 | MEDIUM | 6.9 | On affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies... |
| CVE-2024-6858 | MEDIUM | 6.5 | In Arista’s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there ... |
| CVE-2024-47273 | MEDIUM | 4.3 | An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Backup Task functiona... |
| CVE-2024-47263 | MEDIUM | 4.1 | An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Backup.Repository web... |
| CVE-2024-47097 | MEDIUM | 5.1 | Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run... |
| CVE-2024-47096 | MEDIUM | 5.1 | Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run... |
