Total
278725 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2012-2709 | 2024-09-16 | N/A | ||
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-2907. Reason: This candidate is a duplicate of CVE-2012-2907. Notes: All CVE users should reference CVE-2012-2907 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||
CVE-2017-1000441 | 2024-09-16 | N/A | ||
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-14931. Reason: This candidate is a reservation duplicate of CVE-2017-14931. Notes: All CVE users should reference CVE-2017-14931 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||
CVE-2024-45847 | 1 Mindsdb | 1 Mindsdb | 2024-09-16 | 8.8 High |
An arbitrary code execution vulnerability exists in versions 23.11.4.2 up to 24.7.4.1 of the MindsDB platform, when one of several integrations is installed on the server. If a specially crafted ‘UPDATE’ query containing Python code is run against a database created with the specified integration engine, the code will be passed to an eval function and executed on the server. | ||||
CVE-2024-45846 | 1 Mindsdb | 1 Mindsdb | 2024-09-16 | 8.8 High |
An arbitrary code execution vulnerability exists in versions 23.10.3.0 up to 24.7.4.1 of the MindsDB platform, when the Weaviate integration is installed on the server. If a specially crafted ‘SELECT WHERE’ clause containing Python code is run against a database created with the Weaviate engine, the code will be passed to an eval function and executed on the server. | ||||
CVE-2012-3379 | 2024-09-16 | N/A | ||
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-0808. Reason: This candidate is a duplicate of CVE-2012-0808. Notes: All CVE users should reference CVE-2012-0808 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||
CVE-2024-45621 | 1 Rocket.chat | 1 Rocket.chat | 2024-09-16 | 5.4 Medium |
The Electron desktop application of Rocket.Chat through 6.3.4 allows stored XSS via links in an uploaded file, related to failure to use a separate browser upon encountering third-party external actions from PDF documents. | ||||
CVE-2012-4521 | 2024-09-16 | N/A | ||
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-4505. Reason: This candidate is a duplicate of CVE-2012-4505. Notes: All CVE users should reference CVE-2012-4505 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||
CVE-2012-2700 | 2024-09-16 | N/A | ||
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-2340. Reason: This candidate is a duplicate of CVE-2012-2340. Notes: All CVE users should reference CVE-2012-2340 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||
CVE-2024-28100 | 1 Elabftw | 1 Elabftw | 2024-09-16 | 8.9 High |
eLabFTW is an open source electronic lab notebook for research labs. By uploading specially crafted files, a regular user can create a circumstance where a visitor's browser runs arbitrary JavaScript code in the context of the eLabFTW application. This can be triggered by the visitor viewing a list of experiments. Viewing this allows the malicious script to act on behalf of the visitor in any way, including the creation of API keys for persistence, or other options normally available to the user. If the user viewing the page has the sysadmin role in eLabFTW, the script can act as a sysadmin (including system configuration and extensive user management roles). Users are advised to upgrade to at least version 5.0.0. There are no known workarounds for this vulnerability. | ||||
CVE-2006-4180 | 2024-09-16 | N/A | ||
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is a reservation duplicate of another identifier and was never published. Notes: none | ||||
CVE-2017-1000178 | 2024-09-16 | N/A | ||
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-11096. Reason: This candidate is a reservation duplicate of CVE-2017-11096. Notes: All CVE users should reference CVE-2017-11096 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||
CVE-2011-5373 | 2024-09-16 | N/A | ||
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-5373. Reason: This candidate is a duplicate of CVE-2012-5373. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2012-5373 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||
CVE-2005-0093 | 2024-09-16 | N/A | ||
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | ||||
CVE-2017-1000123 | 2024-09-16 | N/A | ||
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-12425. Reason: This candidate is a reservation duplicate of CVE-2017-12425. Notes: All CVE users should reference CVE-2017-12425 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||
CVE-2005-3703 | 2024-09-16 | N/A | ||
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-2272. Reason: This candidate is a duplicate of CVE-2005-2272. It was reserved when another candidate was already public. Notes: All CVE users should reference CVE-2005-2272 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||
CVE-2011-4456 | 2024-09-16 | N/A | ||
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4313. Reason: This candidate is a reservation duplicate of CVE-2011-4313. Notes: All CVE users should reference CVE-2011-4313 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||
CVE-2024-39747 | 3 Ibm, Linux, Microsoft | 4 Aix, Sterling Connect Direct Web Services, Linux Kernel and 1 more | 2024-09-16 | 8.1 High |
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses default credentials for potentially critical functionality. | ||||
CVE-2024-42481 | 2 Skyport, Skyportlabs | 2 Skyportd, Skyportd | 2024-09-16 | 7.5 High |
Skyport Daemon (skyportd) is the daemon for the Skyport Panel. By making thousands of folders & files (easy due to skyport's lack of rate limiting on createFolder. createFile), skyportd in a lot of cases will cause 100% CPU usage and an OOM, probably crashing the system. This is fixed in 0.2.2. | ||||
CVE-2006-1054 | 2024-09-16 | N/A | ||
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-1861. Reason: This candidate is a reservation duplicate of CVE-2006-1861. Notes: All CVE users should reference CVE-2006-1861 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||
CVE-2013-0280 | 2024-09-16 | N/A | ||
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-1664, CVE-2013-1665. Reason: This candidate is a duplicate of CVE-2013-1664 and/or CVE-2013-1665. Notes: All CVE users should reference CVE-2013-1664 and/or CVE-2013-1665 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage |