Vulnerabilities

CVE Alert: CVE-2024-0125

October 4, 2024

Vulnerability Summary: CVE-2024-0125 NVIDIA CUDA Toolkit for Windows and Linux contains a vulnerability in the nvdisam command line tool, where...

CVE Alert: CVE-2024-45871

October 4, 2024

Vulnerability Summary: CVE-2024-45871 Bandisoft BandiView 7.05 is Incorrect Access Control via sub_0x232bd8 resulting in denial of service (DOS). Affected Endpoints:...

CVE Alert: CVE-2024-7826

October 4, 2024

Vulnerability Summary: CVE-2024-7826 Improper Check for Unusual or Exceptional Conditions vulnerability in Webroot SecureAnywhere - Web Shield on Windows, ARM,...

CVE Alert: CVE-2024-47762

October 4, 2024

Vulnerability Summary: CVE-2024-47762 Backstage is an open framework for building developer portals. Configuration supplied through APP_CONFIG_* environment variables, for example...

CVE Alert: CVE-2024-41595

October 4, 2024

Vulnerability Summary: CVE-2024-41595 DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to change settings or cause a denial of...

CVE Alert: CVE-2024-7825

October 4, 2024

Vulnerability Summary: CVE-2024-7825 Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Webroot SecureAnywhere - Web Shield on Windows,...

CVE Alert: CVE-2024-41596

October 4, 2024

Vulnerability Summary: CVE-2024-41596 Buffer Overflow vulnerabilities exist in DrayTek Vigor310 devices through 4.3.2.6 (in the Vigor management UI) because of...

CVE Alert: CVE-2024-41589

October 4, 2024

Vulnerability Summary: CVE-2024-41589 DrayTek Vigor310 devices through 4.3.2.6 use unencrypted HTTP for authentication requests. Affected Endpoints: No affected endpoints listed....

CVE Alert: CVE-2024-41592

October 4, 2024

Vulnerability Summary: CVE-2024-41592 DrayTek Vigor3910 devices through 4.3.2.6 have a stack-based overflow when processing query string parameters because GetCGI mishandles...

CVE Alert: CVE-2024-41586

October 4, 2024

Vulnerability Summary: CVE-2024-41586 A stack-based Buffer Overflow vulnerability in DrayTek Vigor310 devices through 4.3.2.6 allows a remote attacker to execute...

CVE Alert: CVE-2024-41583

October 4, 2024

Vulnerability Summary: CVE-2024-41583 DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to stored Cross Site Scripting (XSS) by authenticated users due...

CVE Alert: CVE-2024-41584

October 4, 2024

Vulnerability Summary: CVE-2024-41584 DrayTek Vigor3910 devices through 4.3.2.6 are vulnerable to reflected XSS by authenticated users, caused by missing validation...

CVE Alert: CVE-2024-9266

October 4, 2024

Vulnerability Summary: CVE-2024-9266 URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Express. This vulnerability affects the use of the...

CVE Alert: CVE-2024-41925

October 4, 2024

Vulnerability Summary: CVE-2024-41925 The web service for ONS-S8 - Spectra Aggregation Switch includes functions which do not properly validate user...

CVE Alert: CVE-2024-45367

October 4, 2024

Vulnerability Summary: CVE-2024-45367 The web server for ONS-S8 - Spectra Aggregation Switch includes an incomplete authentication process, which can lead...

CVE Alert: CVE-2024-43699

October 4, 2024

Vulnerability Summary: CVE-2024-43699 Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script AM_RegReport.aspx. An unauthenticated attacker may...

CVE Alert: CVE-2024-42417

October 4, 2024

Vulnerability Summary: CVE-2024-42417 Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script Handler_CFG.ashx. An authenticated attacker may...

CVE Alert: CVE-2024-33210

October 4, 2024

Vulnerability Summary: CVE-2024-33210 A cross-site scripting (XSS) vulnerability has been identified in Flatpress 1.3. This vulnerability allows an attacker to...

CVE Alert: CVE-2024-47806

October 4, 2024

Vulnerability Summary: CVE-2024-47806 Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `aud` (Audience) claim of an...

CVE Alert: CVE-2024-47807

October 4, 2024

Vulnerability Summary: CVE-2024-47807 Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `iss` (Issuer) claim of an...

CVE Alert: CVE-2024-47612

October 4, 2024

Vulnerability Summary: CVE-2024-47612 DataDump is a MediaWiki extension that provides dumps of wikis. Several interface messages are unescaped (more specifically,...

CVE Alert: CVE-2024-47611

October 4, 2024

Vulnerability Summary: CVE-2024-47611 XZ Utils provide a general-purpose data-compression library plus command-line tools. When built for native Windows (MinGW-w64 or...

CVE Alert: CVE-2024-9423

October 4, 2024

Vulnerability Summary: CVE-2024-9423 Certain HP LaserJet printers may potentially experience a denial of service when a user sends a raw...

CVE Alert: CVE-2024-20441

October 4, 2024

Vulnerability Summary: CVE-2024-20441 A vulnerability in a specific REST API endpoint of Cisco NDFC could allow an authenticated, low-privileged, remote...

Vulnerabilities

CVE Alert: CVE-2024-0125

CVE Alert: CVE-2024-45871

CVE Alert: CVE-2024-7826

CVE Alert: CVE-2024-47762

CVE Alert: CVE-2024-41595

CVE Alert: CVE-2024-7825

CVE Alert: CVE-2024-41596

CVE Alert: CVE-2024-41589

CVE Alert: CVE-2024-41592

CVE Alert: CVE-2024-41586

CVE Alert: CVE-2024-41583

CVE Alert: CVE-2024-41584

CVE Alert: CVE-2024-9266

CVE Alert: CVE-2024-41925

CVE Alert: CVE-2024-45367

CVE Alert: CVE-2024-43699

CVE Alert: CVE-2024-42417

CVE Alert: CVE-2024-33210

CVE Alert: CVE-2024-47806

CVE Alert: CVE-2024-47807

CVE Alert: CVE-2024-47612

CVE Alert: CVE-2024-47611

CVE Alert: CVE-2024-9423

CVE Alert: CVE-2024-20441

CVE Alert: CVE-2025-0397

CVE Alert: CVE-2025-0396

CVE Alert: CVE-2021-29669

CVE Alert: CVE-2025-0398

CVE Alert: CVE-2024-51456

You may have missed