ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
CVE-2024-37032
Currently trending CVE - Hype Score: 4 - Ollama before 0.1.34 does not validate the format of the digest (sha256 with 64 hex digits) when getting the model path, and thus mishandles the TestGetBlobsPath test cases such a
CVE-2024-56208
Currently trending CVE - Hype Score: 2 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in desertthemes NewsMash newsmash allows Stored XSS.This issue affects NewsMash:
CVE-2024-56373 - Apache Airflow: SSTI to Code Execution in Airflow through Shared DB Information
CVE ID : CVE-2024-56373 Published : Feb. 24, 2026, 10:16 a.m. | 6 hours, 31 minutes ago Description : DAG Author (who already has quite a lot of permissions) could manipulate database of Airflow 2 in the way to execut
CVE-2024-54222
Currently trending CVE - Hype Score: 2 - Missing Authorization vulnerability in Seraphinite Solutions Seraphinite Accelerator seraphinite-accelerator allows Retrieve Embedded Sensitive Data.This issue affects Seraphinite
CVE-2024-7694
Currently trending CVE - Hype Score: 4 - ThreatSonar Anti-Ransomware from TeamT5 does not properly validate the content of uploaded files. Remote attackers with administrator privileges on the product platform can uploa
CVE-2024-55270 - phpgurukul Student Management System SQL Injection
CVE ID : CVE-2024-55270 Published : Feb. 17, 2026, 6:20 p.m. | 1 hour, 42 minutes ago Description : phpgurukul Student Management System 1.0 is vulnerable to SQL Injection in studentms/admin/search.php via the searchd
CVE-2024-27834
Currently trending CVE - Hype Score: 1 - The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker with arbitrary
CVE-2024-22120
Currently trending CVE - Hype Score: 5 - Zabbix server can perform command execution for configured scripts. After command is executed, audit entry is added to "Audit Log". Due to "clientip" field is not sanitized, it is
CVE-2024-7928
Currently trending CVE - Hype Score: 12 - A vulnerability, which was classified as problematic, has been found in FastAdmin up to 1.3.3.20220121. Affected by this issue is some unknown functionality of the file /index/aj
CISA Warns of Microsoft Configuration Manager SQL Injection Vulnerability Exploited in Attacks
CISA has issued an urgent alert about a critical SQL injection vulnerability in Microsoft Configuration Manager (SCCM). Tracked as CVE-2024-43468, this flaw lets unauthenticated attackers run malicious commands on server
CVE-2024-12356
Currently trending CVE - Hype Score: 6 - A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that
CVE-2024-5242
Currently trending CVE - Hype Score: 6 - TP-Link Omada ER605 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected ins
CVE-2024-5386 - Account Hijacking via Password Reset Token Leak in lunary-ai/lunary
CVE ID : CVE-2024-5386 Published : Feb. 2, 2026, 11:16 a.m. | 36 minutes ago Description : In lunary-ai/lunary version 1.2.2, an account hijacking vulnerability exists due to a password reset token leak. A user with a
CVE-2024-5986 - Remote Arbitrary File Write with Arbitrary Data in h2oai/h2o-3
CVE ID : CVE-2024-5986 Published : Feb. 2, 2026, 11:16 a.m. | 36 minutes ago Description : A vulnerability in h2oai/h2o-3 version 3.46.0.1 allows remote attackers to write arbitrary data to any file on the server. Thi
CVE-2024-2356 - Remote Code Execution due to LFI in '/reinstall_extension' in parisneo/lollms-webui
CVE ID : CVE-2024-2356 Published : Feb. 2, 2026, 11:15 a.m. | 37 minutes ago Description : A Local File Inclusion (LFI) vulnerability exists in the '/reinstall_extension' endpoint of the parisneo/lollms-webui applicat
CVE-2024-9680
Currently trending CVE - Hype Score: 6 - An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploi
CVE-2024-49039
Currently trending CVE - Hype Score: 6 - Windows Task Scheduler Elevation of Privilege Vulnerability
CISA Warns of Critical VMware vCenter RCE Vulnerability Now Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Broadcom’s VMware vCenter Server to its Known Exploited Vulnerabilities (KEV) catalog. This addition confirms that
CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw affecting Broadcom VMware vCenter Server that was patched in June 2024 to its Known Exploited Vulnerabilities (KEV
CVE-2024-37079
Currently trending CVE - Hype Score: 14 - vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulne