CVE-2024-22774 |
Description: An issue in Panoramic Corporation Digital Imaging Software v.9.1.2.7600 allows a local attacker to escalate privileges via the ccsservice.exe component.
EPSS Score: 0.05%
February 14th, 2025 (5 months ago)
|
CVE-2024-22641 |
Description: TCPDF version 6.6.5 and before is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted SVG file.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-22590 |
Description: The TLS engine in Kwik commit 745fd4e2 does not track the current state of the connection. This vulnerability can allow Client Hello messages to be overwritten at any time, including after a connection has been established.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-22588 |
Description: Kwik commit 745fd4e2 does not discard unused encryption keys.
EPSS Score: 0.05%
February 14th, 2025 (5 months ago)
|
CVE-2024-22525 |
Description: dnspod-sr 0dfbd37 contains a SEGV.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-22524 |
Description: dnspod-sr 0dfbd37 is vulnerable to buffer overflow.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-22393 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1.
Pixel Flood Attack by uploading large pixel files will cause server out of memory. A logged-in user can cause such an attack by uploading an image when posting content.
Users are recommended to upgrade to version [1.2.5], which fixes the issue.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-2216 |
Description: A missing permission check in an HTTP endpoint in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-2215 |
Description: A cross-site request forgery (CSRF) vulnerability in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions.
EPSS Score: 0.04%
February 14th, 2025 (5 months ago)
|
CVE-2024-22074 |
Description: Dynamsoft Service 1.8.1025 through 1.8.2013, 1.7.0330 through 1.7.2531, 1.6.0428 through 1.6.1112, 1.5.0625 through 1.5.3116, 1.4.0618 through 1.4.1230, and 1.0.516 through 1.3.0115 has Incorrect Access Control. This is fixed in 1.8.2014, 1.7.4212, 1.6.3212, 1.5.31212, 1.4.3212, and 1.3.3212.
EPSS Score: 0.09%
February 14th, 2025 (5 months ago)
|