Latest Vulnerabilities

CRITICAL
CVSS 9.8

CVE-2024-0001: Critical Buffer Overflow in LibSSH

A buffer overflow vulnerability in LibSSH versions prior to 0.9.0 allows remote attackers to execute arbitrary code.

LibSSH, Linux
1/13/2025
HIGH
CVSS 7.5

CVE-2024-0002: Cross-Site Scripting in React DOM

React DOM contains a vulnerability that allows XSS via specific attributes.

React
1/12/2025
MEDIUM
CVSS 5.3

CVE-2024-0003: Information Disclosure in Nginx

Nginx allows attackers to view sensitive information via error pages.

Nginx, Linux
1/11/2025
CRITICAL
CVSS 9.1

CVE-2024-0004: SQL Injection in Django

Django ORM vulnerability allowing SQL injection via crafted user input.

Python, Django
1/10/2025
HIGH
CVSS 7.8

CVE-2024-0005: Denial of Service in Apache

Apache HTTP Server is vulnerable to a DoS attack via slow headers.

Linux, Apache
1/9/2025
MEDIUM
CVSS 6.5

CVE-2024-0006: Prototype Pollution in Node.js

Prototype pollution vulnerability in a popular Node.js library.

Node.js
1/8/2025
CRITICAL
CVSS 9.8

CVE-2024-0007: Remote Code Execution in Python

RCE vulnerability in the Python `pickle` module when untrusted data is deserialized.

Python
1/7/2025
HIGH
CVSS 8.2

CVE-2024-0008: Privilege Escalation in Linux Kernel

Local privilege escalation vulnerability in Linux Kernel via eBPF.

Linux
1/6/2025
HIGH
CVSS 7.2

CVE-2024-0009: Authentication Bypass in PostgreSQL

PostgreSQL misconfiguration allows authentication bypass for local users.

PostgreSQL
1/5/2025
MEDIUM
CVSS 5.9

CVE-2024-0010: Memory Leak in OpenSSL

Memory leak in OpenSSL handshake process leading to potential DoS.

OpenSSL
1/4/2025
MEDIUM
CVSS 4.3

CVE-2024-0011: XSS in Django Admin

Cross-site scripting vulnerability in Django Admin interface.

Django
1/3/2025
CRITICAL
CVSS 10

CVE-2024-0012: Command Injection in Apache Struts

Remote command injection vulnerability in Apache Struts framework.

Apache
1/2/2025
HIGH
CVSS 7.5

CVE-2024-0013: Path Traversal in Nginx

Path traversal vulnerability in Nginx configuration.

Nginx
1/1/2025
CRITICAL
CVSS 9.8

CVE-2024-0014: Deserialization Flaw in Java

Unsafe deserialization in a Java application.

12/31/2024
HIGH
CVSS 8.1

CVE-2024-0015: Buffer Overflow in C Standard Library

Heap-based buffer overflow in glibc.

12/30/2024
HIGH
CVSS 7.4

CVE-2024-0016: Improper Access Control in API

API endpoint lacks proper authentication checks.

12/29/2024
MEDIUM
CVSS 5.5

CVE-2024-0017: Sensitive Data Exposure

Application logs contain sensitive user tokens.

12/28/2024
HIGH
CVSS 7.8

CVE-2024-0018: XML External Entity (XXE)

XML parser vulnerable to XXE attacks.

React
12/27/2024
CRITICAL
CVSS 9.1

CVE-2024-0019: Server-Side Request Forgery (SSRF)

SSRF vulnerability in image processing service.

12/26/2024
MEDIUM
CVSS 6.1

CVE-2024-0020: Insecure Direct Object Reference

IDOR vulnerability allowing access to other users' data.

12/25/2024