Latest CVE Feed
-
7.5
CVSS31CVE-2025-21296
BranchCache Remote Code Execution Vulnerability... Read more
- Published: Jan. 14, 2025
- Modified: Jan. 14, 2025
-
7.5
CVSS31CVE-2025-21277
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability... Read more
- Published: Jan. 14, 2025
- Modified: Jan. 14, 2025
-
7.5
CVSS31CVE-2024-57654
An issue in the qst_vec_get_int64 component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.... Read more
Affected Products :- Published: Jan. 14, 2025
- Modified: Jan. 14, 2025
-
7.5
CVSS31CVE-2024-57631
An issue in the exp_ref component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.... Read more
Affected Products :- Published: Jan. 14, 2025
- Modified: Jan. 14, 2025
-
7.5
CVSS31CVE-2024-57633
An issue in the exps_bind_column component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.... Read more
Affected Products :- Published: Jan. 14, 2025
- Modified: Jan. 14, 2025
-
7.5
CVSS31CVE-2024-46667
A allocation of resources without limits or throttling in Fortinet FortiSIEM 5.3 all versions, 5.4 all versions, 6.x all versions, 7.0 all versions, and 7.1.0 through 7.1.5 may allow an attacker to deny valid TLS traffic via consuming all allotted connect... Read more
Affected Products : fortisiem- Published: Jan. 14, 2025
- Modified: Jan. 14, 2025
-
7.5
CVSS31CVE-2024-57628
An issue in the exp_values_set_supertype component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.... Read more
Affected Products :- Published: Jan. 14, 2025
- Modified: Jan. 14, 2025
-
7.4
CVSS31CVE-2024-56841
A vulnerability has been identified in Mendix LDAP (All versions < V1.1.2). Affected versions of the module are vulnerable to LDAP injection. This could allow an unauthenticated remote attacker to bypass username verification.... Read more
Affected Products :- Published: Jan. 14, 2025
- Modified: Jan. 14, 2025
-
7.4
CVSS31CVE-2024-50338
Git Credential Manager (GCM) is a secure Git credential helper built on .NET that runs on Windows, macOS, and Linux. The Git credential protocol is text-based over standard input/output, and consists of a series of lines of key-value pairs in the format `... Read more
Affected Products :- Published: Jan. 14, 2025
- Modified: Jan. 14, 2025
-
7.3
CVSS31- Published: Jan. 14, 2025
- Modified: Jan. 14, 2025
-
7.3
CVSS31CVE-2025-0465
A vulnerability was found in AquilaCMS 1.412.13. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/v2/categories. The manipulation of the argument PostBody.populate leads to deserialization. The attack ma... Read more
Affected Products :- Published: Jan. 14, 2025
- Modified: Jan. 14, 2025
-
7.3
CVSS31- Published: Jan. 14, 2025
- Modified: Jan. 14, 2025
-
7.3
CVSS31CVE-2024-13181
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication. This CVE addresses incomplete fixes from CVE-2024-47010.... Read more
Affected Products : avalanche- Published: Jan. 14, 2025
- Modified: Jan. 14, 2025
-
7.3
CVSS31CVE-2024-13179
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication.... Read more
Affected Products : avalanche- Published: Jan. 14, 2025
- Modified: Jan. 14, 2025
-
7.3
CVSS31CVE-2025-21331
Windows Installer Elevation of Privilege Vulnerability... Read more
- Published: Jan. 14, 2025
- Modified: Jan. 14, 2025
-
7.3
CVSS31CVE-2025-0460
A vulnerability, which was classified as critical, was found in Blog Botz for Journal Theme 1.0 on OpenCart. This affects an unknown part of the file /index.php?route=extension/module/blog_add. The manipulation of the argument image leads to unrestricted ... Read more
Affected Products :- Published: Jan. 14, 2025
- Modified: Jan. 14, 2025
-
7.2
CVSS31CVE-2025-20016
OS command injection vulnerability exists in network storage servers STEALTHONE D220/D340/D440 provided by Y'S corporation. A user with an administrative privilege who logged in to the web management page of the affected product may execute an arbitrary O... Read more
Affected Products :- Published: Jan. 14, 2025
- Modified: Jan. 14, 2025
-
7.2
CVSS31CVE-2024-13158
An unbounded resource search path in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution.... Read more
Affected Products : endpoint_manager- Published: Jan. 14, 2025
- Modified: Jan. 14, 2025
-
7.2
CVSS31CVE-2025-21348
Microsoft SharePoint Server Remote Code Execution Vulnerability... Read more
Affected Products : sharepoint_server- Published: Jan. 14, 2025
- Modified: Jan. 14, 2025
-
7.2
CVSS31CVE-2024-13162
SQL injection in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution. This CVE addresses incomplete fixes from CVE-... Read more
Affected Products : endpoint_manager- Published: Jan. 14, 2025
- Modified: Jan. 14, 2025