- CVE-2024-42029 - xdg-desktop-portal-hyprland OS Command Injection
- CVE-2024-6573 - WordPress Intelligence Plugin Full Path Disclosure
- CVE-2024-6634 - WordPress Master Currency Stored Cross-Site Scripting
- CVE-2024-6591 - WordPress Auction Plugin Email Exfiltration(',')
- CVE-2024-6661 - "ParityPress WordPress Parity Pricing with Discount Rules Stored Cross-Site Scripting Vulnerability"
- CVE-2024-6546 - WordPress One Click Close Comments Full Path Disclosure
- CVE-2024-6547 - "WordPress Add Admin CSS Plugin Full Path Disclosure"
- CVE-2024-6548 - WordPress Add Admin JavaScript Plugin Full Path Disclosure
- CVE-2024-6549 - Apache Full Path Disclosure in WordPress Admin Post Navigation Plugin
- CVE-2024-6566 - Aramex Shipping WooCommerce Full Path Disclosure in WordPress
- CVE-2024-6545 - WordPress Admin Trim Interface Plugin Full Path Disclosure
- CVE-2024-1804 - Tutor LMS WordPress Unauthorized Data Modification Vulnerability (Arbitrary File Upload)
- CVE-2024-4410 - IgnitionDeck WordPress Crowdfunding Platform Authentication Bypass
- CVE-2024-1798 - Tutor LMS WordPress Missing Capability Check Privilege Escalation Information Disclosure
- CVE-2024-40433 - WeChat Insecure Permissions Privilege Escalation Vulnerability
- CVE-2024-37034 - Couchbase Server Unsecured Credentials Exposure
- CVE-2024-41628 - Severalnines Cluster Control Directory Traversalाख
- CVE-2024-41815 - Starship Bash Shell Injection Vulnerability
- CVE-2024-41118 - Streamlit-Geospatial Blind SSRF
- CVE-2024-40117 - Solar-Log Administrative Privilege Escalation ermögelt über unsichere Zugriffskontrolle
- CVE-2024-4786 - Lenovo Tab K10 Denial of Sleep (DoS) Vulnerability
- CVE-2024-38510 - XCC SSH Privilege Escalation Command Injection Vulnerability
- CVE-2024-38511 - XCC Command Injection Privilege Escalation
- CVE-2024-38512 - XCC IPMI Command Injection Privilege Escalation Vulnerability
- CVE-2024-40116 - Solar-Log Plain Password Storage Vulnerability
- CVE-2024-38508 - XCC Command Injection Privilege Escalation
- CVE-2024-38509 - XCC IPMI Privilege Escalation Vulnerability
- CVE-2024-42007 - SPX Directory Traversal Arbitrary File Read Vulnerability
- CVE-2024-41813 - Txtdot SSRF
- CVE-2024-41354 - phpipam XSS Injection
- CVE-2024-41812 - "txtdot SSRF Proxy"
- CVE-2024-41353 - Phpipam Cross-Site Scripting Vulnerability
- CVE-2024-41373 - ICEcoder Path Traversal
- CVE-2024-41374 - ICEcoder Cross Site Scripting (XSS) Vulnerability
- CVE-2024-41375 - ICEcoder XSS Injection
- CVE-2024-24257 - Skteco Central Control Attendance Machine Information Disclosure Vulnerability
- CVE-2024-26520 - "Restaurant Digital Comprehensive Management BYPASS_AUTH_PASSWORD_RESET"
- CVE-2024-27357 - WithSecure local privilege escalation vulnerability
- CVE-2024-27358 - WithSecure Elements Agent and Client Security Denial-of-Service (DoS) Local Privilege Escalation
- CVE-2023-50700 - Deepin DDE File Manager Privilege Escalation Vulnerability
- CVE-2024-41355 - phpipam Cross Site Scripting (XSS)
- CVE-2024-41356 - phpipam Cross Site Scripting (XSS)
- CVE-2024-41357 - phpipam Stored XSS Vulnerability
- CVE-2024-41807 - Apache Twait Buffer Corruption
- CVE-2024-7050 - OpenText Directory Services Authentication Bypass
- CVE-2024-41670 - PayPal PrestaShop Note Missing Payment Confirmation
- CVE-2024-41805 - Tracks GTD Reflected Cross-Site Scripting Vulnerability
- CVE-2024-6922 - Automation Anywhere Automation 360 SSRF
- CVE-2024-7128 - Openshift Console Authentication Bypass
- CVE-2024-40689 - IBM InfoSphere Information Server SQL Injection Vulnerability
- CVE-2024-41692 - SyroTech SY-GPON-1110-WDONT Router Physical Access Root Terminal Vulnerability
- CVE-2024-41686 - SyroTech SY-GPON-1110-WDONT Router Password Policy Implementation Vulnerability (Insufficient Password Complexity)
- CVE-2024-41687 - "SyroTech SY-GPON-1110-WDONT Plain Text Password Transmit Vulnerability"
- CVE-2024-41688 - SyroTech SY-GPON-1110-WDONT Router Unencrypted Credential Storage Vulnerability
- CVE-2024-41689 - SyroTech SY-GPON-1110-WDONT Router WPA/WPS Credentials Exposure
- CVE-2024-41690 - SyroTech SY-GPON-1110-WDONT Router Default Credentials Plaintext Storage Vulnerability
- CVE-2024-41691 - SyroTech SY-GPON-1110-WDONT Router FTP Credentials Storage Vulnerability
- CVE-2024-41684 - SyroTech SY-GPON-1110-WDONT Router Session Cookie Hijacking Vulnerability
- CVE-2024-41685 - SyroTech SY-GPON-1110-WDONT Router Missing HTTPOnly Flag for Session Cookies
- CVE-2024-35296 - Apache Traffic Server Accept-Encoding Header Validation Vulnerability (Cache Hijacking)
- CVE-2024-35161 - Apache Traffic Server Chunked Trailer Request Smuggling and Cache Poisoning
- CVE-2023-38522 - Apache Traffic Server HTTP Field Name Validation vulnerability
- CVE-2024-25090 - Apache Roller Cross-Site Scripting Vulnerability
- CVE-2024-40897 - ORC Buffer Overflow Vulnerability
- CVE-2024-6490 - Master Slider WordPress Plugin CSRF Vulnerability
- CVE-2023-49921 - ElasticWatcher DEBUG Logging Information Disclosure Vulnerability
- CVE-2024-7119 - MD-MAFUJUL-HASAN Online-Payroll-Management-System SQL Injection
- CVE-2024-7120 - Raisecom MSG Series Web Interface OS Command Injection Vulnerability
- CVE-2024-7117 - MD-MAFUJUL-HASAN Online-Payroll-Management-System SQL Injection Vulnerability
- CVE-2024-7118 - A vulnerability classified as critical was found i
- CVE-2024-7116 - "MD-MAFUJUL-HASAN Online-Payroll-Management-System Remote File SQL Injection Vulnerability"
- CVE-2024-4447 - Apache ActiveMQ Session ID Information Disclosure
- CVE-2024-7114 - Tianchoy Blog SQL Injection Vulnerability
- CVE-2024-7115 - MD-MAFUJUL-HASAN Online-Payroll-Management-System SQL Injection Vulnerability
- CVE-2024-41473 - Tenda FH1201 Command Injection Vulnerability
- CVE-2024-41468 - Tenda FH1201 Command Injection
- CVE-2024-3938 - Apache DotAdmin HTML Injection Vulnerability
- CVE-2024-38103 - Microsoft Edge Internal URL Disclosure
- CVE-2024-7106 - Spina CMS CSRF Vulnerability
- CVE-2024-41809 - OpenObserve Cross-Site Scripting Vulnerability
- CVE-2024-7105 - ForIP Tecnologia PABX SQL Injection Vulnerability
- CVE-2024-38289 - R-HUB TurboMeeting SQL Injection
- CVE-2024-40324 - E-Staff CRLF Injection Vulnerability
- CVE-2024-6558 - HMS Industrial Networks Anybus-CompactCom Cross-Site Scripting (XSS) Vulnerability
- CVE-2024-29068 - Snapd Denial of Service Vulnerability
- CVE-2024-29069 - Snapd Path Traversal Vulnerability
- CVE-2024-38287 - R-HUB TurboMeeting Password Reset Vulnerability
- CVE-2024-38288 - R-HUB TurboMeeting Root Shell Command Injection
- CVE-2024-40318 - Webkul Qloapps Remote Code Execution
- CVE-2024-1724 - Snapd AppArmor Path Traversal Vulnerability
- CVE-2024-40873 - "Absolute Secure Access Cross-Site Scripting"
- CVE-2024-28772 - IBM Security Directory Integrator Cross-Site Scripting (CSX)
- CVE-2022-32759 - IBM X-Force ID 228565: IBM Security Directory Integrator Insufficient Session Expiration
- CVE-2024-41800 - Craft CMS TOTP Token Reuse Authentication Bypass
- CVE-2024-41801 - OpenProject Host Header Redirection Vulnerability
- CVE-2024-7007 - Positron Broadcast Signal Processor TRA7005 Authentication Bypass Vulnerability
- CVE-2024-36542 - Kuma Service Account Token Privilege Escalation Vulnerability
- CVE-2024-7101 - ForIP Tecnologia PABX SQL Injection Vulnerability
- CVE-2024-41806 - Open edX Platform: AWS S3 Public Bucket Exposure (Information Disclosure)
- CVE-2024-36111 - KubePi JWT Key Empty Verification Remote Code Execution Vulnerability