Vulnerabilities

DATE	CVE	VULNERABILITY TITLE	RISK
2024-04-25	CVE-2024-22373	An out-of-bounds write vulnerability exists in the JPEG2000Codec::DecodeByStreamsCommon functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. network high complexity	8.1
2024-04-25	CVE-2024-22391	A heap-based buffer overflow vulnerability exists in the LookupTable::SetLUT functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. network high complexity CWE-119	7.7
2024-04-24	CVE-2024-20353	Infinite Loop vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to incomplete error checking when parsing an HTTP header. network low complexity cisco CWE-835	8.6
2024-04-24	CVE-2024-20359	Code Injection vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. local low complexity cisco CWE-94	6.0
2024-04-23	CVE-2024-28130	An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage functionality of OFFIS DCMTK 3.6.8. network low complexity CWE-704	7.5
2024-04-23	CVE-2024-3911	An unauthenticated remote attacker can deceive users into performing unintended actions due to improper restriction of rendered UI layers or frames. network low complexity CWE-1021	6.5
2024-04-23	CVE-2024-1241	Watchdog Antivirus v1.6.415 is vulnerable to a Denial of Service vulnerability by triggering the 0x80002014 IOCTL code of the wsdk-driver.sys driver. local low complexity CWE-476	5.5
2024-04-23	CVE-2024-2760	Bkav Home v7816, build 2403161130 is vulnerable to a Memory Information Leak vulnerability by triggering the 0x222240 IOCTL code of the BkavSDFlt.sys driver. local low complexity CWE-200	5.5
2024-04-22	CVE-2024-4040	A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server. network low complexity CWE-94 critical	10.0
2024-04-19	CVE-2024-29991	Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability network high complexity	5.0

Vulnerabilities {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities"}]}

Vulnerabilities