1914 items
Unread (2161) All Dismissed
HIGH
CVE-2024-54508 (CVSS 7.5) — The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 ...
NVD CVE-2024-54508 542d ago
CRITICAL
CVE-2024-10534 (CVSS 9.8) — Origin Validation Error vulnerability in Dataprom Informatics Personnel Attendance Control Systems (...
NVD CVE-2024-10534 569d ago
CRITICAL
CVE-2024-10035 (CVSS 9.8) — Improper Control of Generation of Code ('Code Injection'), Improper Neutralization of Special Elemen...
NVD CVE-2024-10035 580d ago
HIGH
CVE-2024-49924 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: fbdev: pxafb: Fix possible use ...
NVD CVE-2024-49924 593d ago
HIGH
CVE-2024-49894 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out ...
NVD CVE-2024-49894 593d ago
HIGH
CVE-2024-6400 (CVSS 7.5) — Cleartext Storage of Sensitive Information, Exposure of Sensitive Information Through Data Queries v...
NVD CVE-2024-6400 611d ago
HIGH
CVE-2024-8644 (CVSS 7.5) — Cleartext Storage of Sensitive Information in a Cookie vulnerability in Oceanic Software ValeApp all...
NVD CVE-2024-8644 618d ago
CRITICAL
CVE-2024-8643 (CVSS 9.8) — Session Fixation vulnerability in Oceanic Software ValeApp allows Brute Force, Session Hijacking. T...
NVD CVE-2024-8643 618d ago
HIGH
CVE-2024-8609 (CVSS 7.5) — Insertion of Sensitive Information into Log File vulnerability in Oceanic Software ValeApp allows Qu...
NVD CVE-2024-8609 618d ago
CRITICAL
CVE-2024-8607 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2024-8607 618d ago
CRITICAL
CVE-2024-7108 (CVSS 9.8) — Incorrect Authorization vulnerability in National Keep Cyber Security Services CyberMath allows Acce...
NVD CVE-2024-7108 619d ago
HIGH
CVE-2024-7107 (CVSS 7.5) — Files or Directories Accessible to External Parties vulnerability in National Keep Cyber Security Se...
NVD CVE-2024-7107 619d ago
HIGH
CVE-2024-5958 (CVSS 8.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2024-5958 626d ago
CRITICAL
CVE-2024-7104 (CVSS 9.8) — Improper Control of Generation of Code ('Code Injection') vulnerability in SFS Consulting ww.Winsure...
NVD CVE-2024-7104 628d ago
CRITICAL
CVE-2024-7098 (CVSS 9.8) — Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure all...
NVD CVE-2024-7098 628d ago
CRITICAL
CVE-2024-6401 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2024-6401 628d ago
CRITICAL
CVE-2024-6656 (CVSS 9.8) — Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read Sen...
NVD CVE-2024-6656 632d ago
HIGH
CVE-2024-3306 (CVSS 7.5) — Authorization Bypass Through User-Controlled Key vulnerability in Utarit Information SoliClub allows...
NVD CVE-2024-3306 633d ago
HIGH
CVE-2024-3305 (CVSS 7.5) — Authorization Bypass Through User-Controlled Key, Missing Authorization vulnerability in Utarit Info...
NVD CVE-2024-3305 633d ago
HIGH
CVE-2024-7609 (CVSS 7.5) — Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Vidc...
NVD CVE-2024-7609 634d ago
CRITICAL
CVE-2024-7015 (CVSS 9.8) — Missing Authentication for Critical Function vulnerability in Profelis Informatics and Consulting Pa...
NVD CVE-2024-7015 635d ago
HIGH
CVE-2024-6445 (CVSS 7.5) — Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Data...
NVD CVE-2024-6445 638d ago
HIGH
CVE-2024-1744 (CVSS 7.5) — Authorization Bypass Through User-Controlled Key, Missing Authorization vulnerability in Ariva Compu...
NVD CVE-2024-1744 639d ago
CRITICAL
CVE-2024-45159 (CVSS 9.8) — An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional a...
NVD CVE-2024-45159 639d ago
CRITICAL
CVE-2024-7078 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2024-7078 640d ago
CRITICAL
CVE-2024-7076 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2024-7076 640d ago
CRITICAL
CVE-2024-4259 (CVSS 9.8) — Missing Authorization vulnerability in SAMPAŞ Holding AKOS (AkosCepVatandasService), SAMPAŞ Holding ...
NVD CVE-2024-4259 641d ago
HIGH
CVE-2024-6921 (CVSS 7.5) — Cleartext Storage of Sensitive Information vulnerability in NAC Telecommunication Systems Inc. NACPr...
NVD CVE-2024-6921 642d ago
CRITICAL
CVE-2024-6919 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2024-6919 642d ago
CRITICAL
CVE-2024-4428 (CVSS 9.8) — Missing Authentication for Critical Function, Missing Authorization vulnerability in Menulux Informa...
NVD CVE-2024-4428 647d ago
CRITICAL
CVE-2024-7071 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 564 - SQ...
NVD CVE-2024-7071 648d ago
CRITICAL
CVE-2024-7593 (CVSS 9.8) — Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or ...
NVD CVE-2024-7593 662d ago
CRITICAL
CVE-2024-6917 (CVSS 9.8) — Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerabi...
NVD CVE-2024-6917 663d ago
CRITICAL
CVE-2024-6699 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2024-6699 677d ago
HIGH
CVE-2023-52682 (CVSS 7.1) — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait on block writ...
NVD CVE-2023-52682 750d ago
CRITICAL
CVE-2023-6191 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2023-6191 800d ago
HIGH
CVE-2024-23775 (CVSS 7.5) — Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2, allows attackers ...
NVD CVE-2024-23775 858d ago
HIGH
CVE-2024-23744 (CVSS 7.5) — An issue was discovered in Mbed TLS 3.5.1. There is persistent handshake denial if a client sends a ...
NVD CVE-2024-23744 867d ago
CRITICAL
CVE-2023-6436 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2023-6436 887d ago
HIGH
CVE-2023-51767 (CVSS 7) — OpenSSH through 10.0, when common types of DRAM are used, might allow row hammer attacks (for authen...
NVD CVE-2023-51767 896d ago
CRITICAL
CVE-2023-2889 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2023-2889 927d ago
HIGH
CVE-2023-47360 (CVSS 7.5) — Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet...
NVD CVE-2023-47360 942d ago
CRITICAL
CVE-2023-47359 (CVSS 9.8) — Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Bu...
NVD CVE-2023-47359 942d ago
HIGH
CVE-2023-5443 (CVSS 7.5) — Improper Protection for Outbound Error Messages and Alert Signals vulnerability in EDM Informatics E...
NVD CVE-2023-5443 953d ago
CRITICAL
CVE-2023-5807 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2023-5807 954d ago
HIGH
CVE-2023-5570 (CVSS 7.5) — Improper Protection for Outbound Error Messages and Alert Signals vulnerability in Inohom Home Manag...
NVD CVE-2023-5570 954d ago
HIGH
CVE-2023-46136 (CVSS 8) — Werkzeug is a comprehensive WSGI web application library. In versions on the 3.x branch prior to 3.0...
NVD CVE-2023-46136 955d ago
CRITICAL
CVE-2023-45199 (CVSS 9.8) — Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution...
NVD CVE-2023-45199 974d ago
HIGH
CVE-2023-43615 (CVSS 7.5) — Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.
NVD CVE-2023-43615 974d ago
CRITICAL
CVE-2023-4833 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2023-4833 996d ago
HIGH NVD Thu, 12 Dec 2024 02:15:31 UTC
CVE-2024-54508 (CVSS 7.5) — The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 ...
https://nvd.nist.gov/vuln/detail/CVE-2024-54508
TL;DR
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2024-54508
Read full story ↗