Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-54229 |
Description: Incorrect Privilege Assignment vulnerability in Straightvisions GmbH SV100 Companion allows Privilege Escalation.This issue affects SV100 Companion: from n/a through 2.0.02.
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
December 17th, 2024 (4 months ago)
|
|
CVE-2024-9290 |
Description: The Super Backup & Clone - Migrate for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation and a missing capability check on the ibk_restore_migrate_check() function in all versions up to, and including, 2.3.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
CVSS: CRITICAL (9.8) EPSS Score: 0.09%
December 14th, 2024 (4 months ago)
|
|
CVE-2024-54297 |
Description: Authentication Bypass Using an Alternate Path or Channel vulnerability in www.vbsso.com vBSSO-lite allows Authentication Bypass.This issue affects vBSSO-lite: from n/a through 1.4.3.
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2024-54296 |
Description: Authentication Bypass Using an Alternate Path or Channel vulnerability in Codexpert, Inc CoSchool LMS allows Authentication Bypass.This issue affects CoSchool LMS: from n/a through 1.2.
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2024-54295 |
Description: Authentication Bypass Using an Alternate Path or Channel vulnerability in InspireUI ListApp Mobile Manager allows Authentication Bypass.This issue affects ListApp Mobile Manager: from n/a through 1.7.7.
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2024-54294 |
Description: Authentication Bypass Using an Alternate Path or Channel vulnerability in appgenixinfotech Firebase OTP Authentication allows Authentication Bypass.This issue affects Firebase OTP Authentication: from n/a through 1.0.1.
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2024-54293 |
Description: Incorrect Privilege Assignment vulnerability in CE21 CE21 Suite allows Privilege Escalation.This issue affects CE21 Suite: from n/a through 2.2.0.
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2024-54292 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Appsplate Appsplate allows SQL Injection.This issue affects Appsplate: from n/a through 2.1.3.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2024-54273 |
Description: Deserialization of Untrusted Data vulnerability in PickPlugins Mail Picker allows Object Injection.This issue affects Mail Picker: from n/a through 1.0.14.
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2024-54262 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in Siddharth Nagar Import Export For WooCommerce allows Upload a Web Shell to a Web Server.This issue affects Import Export For WooCommerce: from n/a through 1.5.
CVSS: CRITICAL (9.9) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|