Total 278725 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2012-2709 2024-09-16 N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-2907. Reason: This candidate is a duplicate of CVE-2012-2907. Notes: All CVE users should reference CVE-2012-2907 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2017-1000441 2024-09-16 N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-14931. Reason: This candidate is a reservation duplicate of CVE-2017-14931. Notes: All CVE users should reference CVE-2017-14931 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2024-45847 1 Mindsdb 1 Mindsdb 2024-09-16 8.8 High
An arbitrary code execution vulnerability exists in versions 23.11.4.2 up to 24.7.4.1 of the MindsDB platform, when one of several integrations is installed on the server. If a specially crafted ‘UPDATE’ query containing Python code is run against a database created with the specified integration engine, the code will be passed to an eval function and executed on the server.
CVE-2024-45846 1 Mindsdb 1 Mindsdb 2024-09-16 8.8 High
An arbitrary code execution vulnerability exists in versions 23.10.3.0 up to 24.7.4.1 of the MindsDB platform, when the Weaviate integration is installed on the server. If a specially crafted ‘SELECT WHERE’ clause containing Python code is run against a database created with the Weaviate engine, the code will be passed to an eval function and executed on the server.
CVE-2012-3379 2024-09-16 N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-0808. Reason: This candidate is a duplicate of CVE-2012-0808. Notes: All CVE users should reference CVE-2012-0808 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2024-45621 1 Rocket.chat 1 Rocket.chat 2024-09-16 5.4 Medium
The Electron desktop application of Rocket.Chat through 6.3.4 allows stored XSS via links in an uploaded file, related to failure to use a separate browser upon encountering third-party external actions from PDF documents.
CVE-2012-4521 2024-09-16 N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-4505. Reason: This candidate is a duplicate of CVE-2012-4505. Notes: All CVE users should reference CVE-2012-4505 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2012-2700 2024-09-16 N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-2340. Reason: This candidate is a duplicate of CVE-2012-2340. Notes: All CVE users should reference CVE-2012-2340 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2024-28100 1 Elabftw 1 Elabftw 2024-09-16 8.9 High
eLabFTW is an open source electronic lab notebook for research labs. By uploading specially crafted files, a regular user can create a circumstance where a visitor's browser runs arbitrary JavaScript code in the context of the eLabFTW application. This can be triggered by the visitor viewing a list of experiments. Viewing this allows the malicious script to act on behalf of the visitor in any way, including the creation of API keys for persistence, or other options normally available to the user. If the user viewing the page has the sysadmin role in eLabFTW, the script can act as a sysadmin (including system configuration and extensive user management roles). Users are advised to upgrade to at least version 5.0.0. There are no known workarounds for this vulnerability.
CVE-2006-4180 2024-09-16 N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is a reservation duplicate of another identifier and was never published. Notes: none
CVE-2017-1000178 2024-09-16 N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-11096. Reason: This candidate is a reservation duplicate of CVE-2017-11096. Notes: All CVE users should reference CVE-2017-11096 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2011-5373 2024-09-16 N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-5373. Reason: This candidate is a duplicate of CVE-2012-5373. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2012-5373 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2005-0093 2024-09-16 N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
CVE-2017-1000123 2024-09-16 N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-12425. Reason: This candidate is a reservation duplicate of CVE-2017-12425. Notes: All CVE users should reference CVE-2017-12425 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2005-3703 2024-09-16 N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-2272. Reason: This candidate is a duplicate of CVE-2005-2272. It was reserved when another candidate was already public. Notes: All CVE users should reference CVE-2005-2272 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2011-4456 2024-09-16 N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4313. Reason: This candidate is a reservation duplicate of CVE-2011-4313. Notes: All CVE users should reference CVE-2011-4313 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2024-39747 3 Ibm, Linux, Microsoft 4 Aix, Sterling Connect Direct Web Services, Linux Kernel and 1 more 2024-09-16 8.1 High
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses default credentials for potentially critical functionality.
CVE-2024-42481 2 Skyport, Skyportlabs 2 Skyportd, Skyportd 2024-09-16 7.5 High
Skyport Daemon (skyportd) is the daemon for the Skyport Panel. By making thousands of folders & files (easy due to skyport's lack of rate limiting on createFolder. createFile), skyportd in a lot of cases will cause 100% CPU usage and an OOM, probably crashing the system. This is fixed in 0.2.2.
CVE-2006-1054 2024-09-16 N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-1861. Reason: This candidate is a reservation duplicate of CVE-2006-1861. Notes: All CVE users should reference CVE-2006-1861 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2013-0280 2024-09-16 N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-1664, CVE-2013-1665. Reason: This candidate is a duplicate of CVE-2013-1664 and/or CVE-2013-1665. Notes: All CVE users should reference CVE-2013-1664 and/or CVE-2013-1665 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage