ARTICLE SEARCH
Threat Feed Query: Search all aggregated security articles by keywords, CVE IDs and sources.
CVE-2024-58280 - CMSimple 5.15 Remote Command Execution via Extensions Configuration
CVE ID : CVE-2024-58280 Published : Dec. 10, 2025, 10:16 p.m. | 33 minutes ago Description : CMSimple 5.15 contains a remote command execution vulnerability that allows authenticated attackers to modify file extension
CVE-2024-58281 - Dotclear 2.29 Remote Code Execution via Authenticated File Upload
CVE ID : CVE-2024-58281 Published : Dec. 10, 2025, 10:16 p.m. | 33 minutes ago Description : Dotclear 2.29 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP fil
CVE-2024-2104 - JBL: Improper BLE security configurations and lack of authentication on the device's GATT server
CVE ID : CVE-2024-2104 Published : Dec. 10, 2025, 1:16 p.m. | 1 hour, 33 minutes ago Description : Due to improper BLE security configurations on the device's GATT server, an adjacent unauthenticated attacker can read
CVE-2024-1874
Currently trending CVE - Hype Score: 9 - In PHP versions 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, when using proc_open() command with array syntax, due to insufficient escaping, if the arguments of t
CVE-2024-58275 - Easywall 0.3.1 - Authentication Bypass via Command Injection in /ports-save Endpoint
CVE ID : CVE-2024-58275 Published : Dec. 4, 2025, 9:16 p.m. | 1 hour, 33 minutes ago Description : Easywall 0.3.1 allows authenticated remote command execution via a command injection vulnerability in the /ports-save
CVE-2024-58276 - Obi08-Enrollment System 1.0 login.php SQL Injection
CVE ID : CVE-2024-58276 Published : Dec. 4, 2025, 9:16 p.m. | 1 hour, 33 minutes ago Description : Obi08/Enrollment System 1.0 contains a SQL injection vulnerability in the keyword parameter of /get_subject.php that a
CVE-2024-58277 - R Radio Network FM Transmitter 1.07 System Settings Disclosure
CVE ID : CVE-2024-58277 Published : Dec. 4, 2025, 9:16 p.m. | 1 hour, 33 minutes ago Description : R Radio Network FM Transmitter 1.07 allows unauthenticated attackers to access the admin user's password through the s
CVE-2024-58278 - IndigoSTAR Software - perl2exe <= V30.10C - Arbitrary Code Execution
CVE ID : CVE-2024-58278 Published : Dec. 4, 2025, 9:16 p.m. | 1 hour, 33 minutes ago Description : perl2exe <= V30.10C contains an arbitrary code execution vulnerability that allows local authenticated attackers to ex
CVE-2024-45538 - Synology DSM CSRF Vulnerability
CVE ID : CVE-2024-45538 Published : Dec. 4, 2025, 2:16 p.m. | 32 minutes ago Description : Cross-Site Request Forgery (CSRF) vulnerability in WebAPI Framework in Synology DiskStation Manager (DSM) before 7.2.1-69057-2
CVE-2024-32641 - Masa CMS Vulnerable to Pre-Auth RCE via JSON API
CVE ID : CVE-2024-32641 Published : Dec. 3, 2025, 5:15 p.m. | 1 hour, 33 minutes ago Description : Masa CMS is an open source Enterprise Content Management platform. Masa CMS versions prior to 7.2.8, 7.3.13, and 7.4.6
CVE-2024-32642 - Host header poisoning allows account takeover via password reset email
CVE ID : CVE-2024-32642 Published : Dec. 3, 2025, 5:15 p.m. | 1 hour, 33 minutes ago Description : Masa CMS is an open source Enterprise Content Management platform. Prior to 7.2.8, 7.3.13, and 7.4.6, there is vulnera
CVE-2024-45675 - IBM Informix Dynamic Server Authentication Bypass
CVE ID : CVE-2024-45675 Published : Dec. 2, 2025, 2 a.m. | 47 minutes ago Description : IBM Informix Dynamic Server 14.10 could allow a local user on the system to log into the Informix server as administrator without
CVE-2024-39148 - KerOS wmp-agent Remote Command Execution
CVE ID : CVE-2024-39148 Published : Dec. 1, 2025, 4:15 p.m. | 4 hours, 32 minutes ago Description : The service wmp-agent of KerOS prior to 5.12 does not properly validate so-called ‘magic URLs’ allowing an unauthenticat
CVE-2024-48882 - Socomec DIRIS Digiware M-70 Modbus TCP Denial of Service
CVE ID : CVE-2024-48882 Published : Dec. 1, 2025, 4:15 p.m. | 32 minutes ago Description : A denial of service vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially cra
CVE-2024-50629
Currently trending CVE - Hype Score: 8 - Improper encoding or escaping of output vulnerability in the webapi component in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 7.1.1-
PoC Exploit Released for Critical Outlook 0-Click Remote Code Execution Vulnerability
A Proof-of-Concept (PoC) exploit code has been released for a critical remote code execution (RCE) vulnerability in Microsoft Outlook, identified as CVE-2024-21413. Dubbed “MonikerLink,” this flaw allows attackers to byp
CVE-2024-9183
Currently trending CVE - Hype Score: 1
CVE-2024-5539 - ALC WebCTRL Carrier i-Vu Access Control Bypass
CVE ID : CVE-2024-5539 Published : Nov. 27, 2025, 1:02 a.m. | 16 minutes ago Description : The Access Control Bypass vulnerability found in ALC WebCTRL and Carrier i-Vu in versions up to and including 8.5 allows a mal
CVE-2024-47856 - RSA Authentication Agent Path Traversal Vulnerability
CVE ID : CVE-2024-47856 Published : Nov. 24, 2025, 10:15 p.m. | 19 hours ago Description : In RSA Authentication Agent before 7.4.7, service paths and shortcut paths may be vulnerable to path interception if the path
CVE-2024-14007 - TVT NVMS-9000 < 1.3.4 Unauthenticated Administrative Queries & Information Disclosure
CVE ID : CVE-2024-14007 Published : Nov. 24, 2025, 8:31 p.m. | 43 minutes ago Description : Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware (used by many white-labeled DVR/NVR/IPC products) versions prior