Latest CVE Feed
-
7.2
HIGHCVE-2024-22626
Complete Supplier Management System v1.0 is vulnerable to SQL Injection via /Supply_Management_System/admin/edit_retailer.php?id=.... Read more
Affected Products : supplier_management_system- EPSS Score: %0.14
- Published: Jan. 16, 2024
- Modified: Jun. 04, 2025
-
5.8
MEDIUMCVE-2024-20513
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition for targeted users of the AnyConnect service on an affected... Read more
- Published: Oct. 02, 2024
- Modified: Jun. 04, 2025
-
5.9
MEDIUMCVE-2024-20509
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service (DoS) condition for... Read more
- Published: Oct. 02, 2024
- Modified: Jun. 04, 2025
-
7.5
HIGHCVE-2024-20502
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to insu... Read more
- Published: Oct. 02, 2024
- Modified: Jun. 04, 2025
-
8.6
HIGHCVE-2024-20501
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. ... Read more
- Published: Oct. 02, 2024
- Modified: Jun. 04, 2025
-
7.5
HIGHCVE-2024-20500
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. This vu... Read more
- Published: Oct. 02, 2024
- Modified: Jun. 04, 2025
-
8.6
HIGHCVE-2024-20499
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. ... Read more
- Published: Oct. 02, 2024
- Modified: Jun. 04, 2025
-
8.6
HIGHCVE-2024-20498
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. ... Read more
- Published: Oct. 02, 2024
- Modified: Jun. 04, 2025
-
4.7
MEDIUMCVE-2022-23089
When dumping core and saving process information, proc_getargv() might return an sbuf which have a sbuf_len() of 0 or -1, which is not properly handled. An out-of-bound read can happen when user constructs a specially crafted ps_string, which in turn can... Read more
Affected Products : freebsd- EPSS Score: %0.05
- Published: Feb. 15, 2024
- Modified: Jun. 04, 2025
-
6.1
MEDIUMCVE-2024-21728
An Open Redirect vulnerability was found in osTicky2 below 2.2.8. osTicky (osTicket Bridge) by SmartCalc is a Joomla 3.x extension that provides Joomla fronted integration with osTicket, a popular Support ticket system. The Open Redirect vulnerability all... Read more
Affected Products : osticky- EPSS Score: %0.07
- Published: Feb. 15, 2024
- Modified: Jun. 04, 2025
-
6.1
MEDIUMCVE-2024-27184
Inadequate validation of URLs could result into an invalid check whether an redirect URL is internal or not..... Read more
Affected Products : joomla\!- Published: Aug. 20, 2024
- Modified: Jun. 04, 2025
-
9.1
CRITICALCVE-2024-27185
The pagination class includes arbitrary parameters in links, leading to cache poisoning attack vectors.... Read more
Affected Products : joomla\!- Published: Aug. 20, 2024
- Modified: Jun. 04, 2025
-
6.1
MEDIUMCVE-2024-27186
The mail template feature lacks an escaping mechanism, causing XSS vectors in multiple extensions.... Read more
Affected Products : joomla\!- Published: Aug. 20, 2024
- Modified: Jun. 04, 2025
-
7.5
HIGHCVE-2024-27187
Improper Access Controls allows backend users to overwrite their username when disallowed.... Read more
Affected Products : joomla\!- Published: Aug. 20, 2024
- Modified: Jun. 04, 2025
-
6.1
MEDIUMCVE-2024-40743
The stripImages and stripIframes methods didn't properly process inputs, leading to XSS vectors.... Read more
Affected Products : joomla\!- Published: Aug. 20, 2024
- Modified: Jun. 04, 2025
-
9.8
CRITICALCVE-2024-40744
Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions before 4.4.8.... Read more
Affected Products : convert_forms- Published: Dec. 04, 2024
- Modified: Jun. 04, 2025
-
5.4
MEDIUMCVE-2024-40745
Reflected Cross site scripting vulnerability in Convert Forms component for Joomla in versions before 4.4.8.... Read more
Affected Products : convert_forms- Published: Dec. 04, 2024
- Modified: Jun. 04, 2025
-
6.1
MEDIUMCVE-2024-40747
Various module chromes didn't properly process inputs, leading to XSS vectors.... Read more
Affected Products : joomla\!- Published: Jan. 07, 2025
- Modified: Jun. 04, 2025
- Vuln Type: Cross-Site Scripting
-
7.5
HIGHCVE-2024-40748
Lack of output escaping in the id attribute of menu lists.... Read more
Affected Products : joomla\!- Published: Jan. 07, 2025
- Modified: Jun. 04, 2025
- Vuln Type: Cross-Site Scripting
-
7.5
HIGHCVE-2024-40749
Improper Access Controls allows access to protected views.... Read more
Affected Products : joomla\!- Published: Jan. 07, 2025
- Modified: Jun. 04, 2025
- Vuln Type: Authorization