Threat and Vulnerability Intelligence Database

CVE-2024-55582

Description: Oxide before 6 has unencrypted Control Plane datastores.

CVSS: MEDIUM (5.7)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (4 months ago)

CVE-2024-55580

Description: An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR. Unprivileged users with network access may be able to execute remote commands that could cause high availability damages, including high integrity and confidentiality risks. This is fixed in November 2024 IR, May 2024 Patch 10, February 2024 Patch 14, November 2023 Patch 16, August 2023 Patch 16, May 2023 Patch 18, and February 2023 Patch 15.

CVSS: HIGH (7.5)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (4 months ago)

CVE-2024-55579

Description: An issue was discovered in Qlik Sense Enterprise for Windows before November 2024 IR. An unprivileged user with network access may be able to create connection objects that trigger execution of arbitrary EXE files. This is fixed in November 2024 IR, May 2024 Patch 10, February 2024 Patch 14, November 2023 Patch 16, August 2023 Patch 16, May 2023 Patch 18, and February 2023 Patch 15.

CVSS: HIGH (8.8)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (4 months ago)

CVE-2024-55578

Description: Zammad before 6.4.1 places sensitive data (such as auth_microsoft_office365_credentials and application_secret) in log files.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (4 months ago)

CVE-2024-55566

Description: ColPack 1.0.10 through 9a7293a has a predictable temporary file (located under /tmp with a name derived from an unseeded RNG). The impact can be overwriting files or making ColPack graphing unavailable to other users.

CVSS: MEDIUM (6.6)

EPSS Score: 0.05%

Source: CVE
December 10th, 2024 (4 months ago)

CVE-2024-55565

Description: nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version.

CVSS: LOW (0.0)

EPSS Score: 0.05%

Source: CVE
December 10th, 2024 (4 months ago)

CVE-2024-55564

Description: The POSIX::2008 package before 0.24 for Perl has a potential _execve50c env buffer overflow.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (4 months ago)

CVE-2024-54938

Description: A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/uploads.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE
December 10th, 2024 (4 months ago)

CVE-2024-54937

Description: A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/assets.

CVSS: LOW (0.0)

EPSS Score: 0.05%

Source: CVE
December 10th, 2024 (4 months ago)

CVE-2024-54936

Description: A Stored Cross-Site Scripting (XSS) vulnerability was found in /send_message.php of Kashipara E-learning Management System v1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the my_message parameter.

CVSS: LOW (0.0)

EPSS Score: 0.05%

Source: CVE
December 10th, 2024 (4 months ago)