VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-07-23
CVE-2024-38176
An improper restriction of excessive authentication attempts in GroupMe allows a unauthenticated attacker to elevate privileges over a network.
network
high complexity
CWE-307
8.1
8.1
2024-07-23
CVE-2024-0760
A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress.
network
low complexity
7.5
7.5
2024-07-23
CVE-2024-1737
Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.4-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1.
network
low complexity
7.5
7.5
2024-07-23
CVE-2024-1975
If a server hosts a zone containing a "KEY" Resource Record, or a resolver DNSSEC-validates a "KEY" Resource Record from a DNSSEC-signed domain in cache, a client can exhaust resolver CPU resources by sending a stream of SIG(0) signed requests. This issue affects BIND 9 versions 9.0.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.49-S1, and 9.18.11-S1 through 9.18.27-S1.
network
low complexity
7.5
7.5
2024-07-23
CVE-2024-40060
go-chart v2.1.1 was discovered to contain an infinite loop via the drawCanvas() function.
network
low complexity
CWE-835
7.5
7.5
2024-07-23
CVE-2024-41319
Command Injection vulnerability in Totolink A6000R Firmware 1.0.1B20201211.2000
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the cmd parameter in the webcmd function.
network
low complexity
totolink
CWE-77
critical
9.8
9.8
2024-07-23
CVE-2024-34128
Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields.
network
low complexity
CWE-79
5.4
5.4
2024-07-23
CVE-2024-41836
InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS).
local
low complexity
CWE-476
5.5
5.5
2024-07-23
CVE-2024-41839
Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation vulnerability that could lead to a security feature bypass.
network
low complexity
CWE-20
4.1
4.1
2024-07-23
CVE-2024-6828
The Redux Framework plugin for WordPress is vulnerable to unauthenticated JSON file uploads due to missing authorization and capability checks on the Redux_Color_Scheme_Import function in versions 4.4.12 to 4.4.17.
network
low complexity
7.2
7.2
«
Previous
1
2
3
4
(current)
5
6
...
21701
21702
»
Next