2024-02-17 | CVE-2024-20923 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). | 3.1 |
2024-02-17 | CVE-2024-20925 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). | 3.1 |
2024-02-16 | CVE-2024-23591 | ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow an attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security, and other SPS configuration setting. The server’s NIST SP 800-193-compliant Platform Firmware Resiliency (PFR) security subsystem significantly mitigates this issue. | 2.0 |
2024-02-13 | CVE-2024-22043 | A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.251), Parasolid V35.1 (All versions < V35.1.170). | 3.3 |
2024-02-12 | CVE-2024-23760 | Information Exposure Through Log Files vulnerability in Gambio 4.9.2.0 Cleartext Storage of Sensitive Information in Gambio 4.9.2.0 allows attackers to obtain sensitive information via error-handler.log.json and legacy-error-handler.log.txt under the webroot. | 2.7 |
2024-02-09 | CVE-2024-23319 | Cross-Site Request Forgery (CSRF) vulnerability in Mattermost Server 5.23.0 Mattermost Jira Plugin fails to protect against logout CSRF allowing an attacker to post a specially crafted message that would disconnect a user's Jira connection in Mattermost only by viewing the message. | 3.5 |
2024-02-07 | CVE-2024-0628 | Server-Side Request Forgery (SSRF) vulnerability in Wprssaggregator WP RSS Aggregator The WP RSS Aggregator plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.23.5 via the RSS feed source in admin settings. | 3.8 |
2024-02-06 | CVE-2024-1048 | Incomplete Cleanup vulnerability in multiple products A flaw was found in the grub2-set-bootflag utility of grub2. | 3.3 |
2024-02-06 | CVE-2024-20810 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Samsung Android 12.0/13.0 Implicit intent hijacking vulnerability in Smart Suggestions prior to SMR Feb-2024 Release 1 allows local attackers to get sensitive information. | 3.3 |
2024-02-06 | CVE-2024-20811 | Unspecified vulnerability in Samsung Android 11.0/12.0 Improper caller verification in GameOptimizer prior to SMR Feb-2024 Release 1 allows local attackers to configure GameOptimizer. | 3.3 |