Common Vulnerabilities and Exposures (CVEs) are publicly disclosed security flaws that affect software or systems. Knowing about CVEs is crucial for maintaining the security integrity of systems.
Staying updated with the latest CVEs helps organizations and individuals prevent potential breaches by applying patches or mitigations before they can be exploited.
The CVE system is managed by the CVE Program, which is sponsored by the U.S. Department of Homeland Security (DHS). CVE Entries are created and assigned by CVE Numbering Authorities (CNAs), organizations from around the world that are responsible for the identification and cataloging of vulnerabilities affecting their products. Once a CVE Entry is created, it provides a reference point for every other security advisory to link to, ensuring consistency across different platforms.
For more detailed information, visit the official CVE website.
CVEs are typically classified into several severity levels based on their potential impact on the affected systems. The most common categorization uses the CVSS (Common Vulnerability Scoring System) to rate the severity of security vulnerabilities, ranging from Low to Critical. Understanding the severity level can help prioritize remediation efforts.
| Severity | CVSS Score | Description | Impact |
|---|---|---|---|
| None | 0 | No impact to the system's security. | No action needed. |
| Low | 0.1 - 3.9 | Poses minimal threat to system security. | Basic monitoring or updates may suffice. |
| Medium | 4.0 - 6.9 | Represents a moderate risk which may affect data integrity or availability. | Recommended to address soon with patches or workarounds. |
| High | 7.0 - 8.9 | Significant impact, could lead to data loss or downtime. | Urgent patching or immediate mitigation required. |
| Critical | 9.0 - 10.0 | Extremely dangerous, with potential for widespread damage or data loss. | Immediate action necessary, including system isolation or disabling. |
This list features the most recent CVEs reported and cataloged by various CVE Numbering Authorities (CNAs) around the world. Each entry includes details about the vulnerability, such as its severity, impacted systems, and available fixes or workarounds. The aim is to provide timely and actionable information to help protect systems against these vulnerabilities.
| CVE-ID | Severity | CVSS Score | Description |
|---|---|---|---|
| CVE-2024-4733 | HIGH | 7.5 | Learn about the high-severity security vulnerability CVE-2024-4733 affecting the ShiftController Employee Shift Scheduling plugin, including details on the issue and how to protect your systems. |
| CVE-2024-31226 | MEDIUM | 4.9 | An in-depth look at CVE-2024-31226, detailing how Sunshine versions 0.17.0 through 0.22.2 are affected and what measures can be taken to secure systems. |
| CVE-2024-5023 | CRITICAL | 9.6 | An informative overview of the critical CVE-2024-5023 vulnerability affecting ConsoleMe, including insights into its impact and mitigation strategies. |
| CVE-2024-3286 | HIGH | 7.5 | A detailed examination of the high-severity buffer overflow vulnerability, CVE-2024-3286, affecting Lenovo printers, including insights on how to manage this security risk. |
| CVE-2024-1417 | HIGH | 7.8 | A comprehensive guide to the CVE-2024-1417 affecting WatchGuard AuthPoint Password Manager on MacOS, detailing the risks and remediation steps. |
| CVE-2023-47717 | MEDIUM | 4.4 | A deep dive into CVE-2023-47717, affecting IBM Security Guardium 12.0, detailing potential risks and prevention strategies for our users. |
| CVE-2024-27260 | HIGH | 8.4 | Learn about the CVE-2024-27260 vulnerability affecting IBM AIX and VIOS versions, the risks it poses, and how you can secure your systems with LinuxPatch. |
| CVE-2024-4956 | HIGH | 7.5 | An overview of the critical security vulnerability CVE-2024-4956 identified in Sonatype Nexus Repository 3, including its impact, severity, and the recommended steps for mitigation. |
| CVE-2024-35187 | CRITICAL | 9.1 | An in-depth look at the critical CVE-2024-35187, affecting the Stalwart Mail Server, and how it could potentially allow attackers to gain unrestricted system access. |
| CVE-2024-35185 | MEDIUM | 5.3 | Learn about the medium-severity CVE-2024-35185 affecting Minder software and how to secure your systems with LinuxPatch. |
| CVE-2024-35176 | MEDIUM | 5.3 | An in-depth look into CVE-2024-35176, the security vulnerability found in the REXML gem, its implications, and solutions for LinuxPatch customers. |
| CVE-2024-34808 | MEDIUM | 4.3 | Learn about the path traversal vulnerability identified in JCH Optimize, affecting versions up to 4.2.0, its impacts, and the solutions available. |
| CVE-2024-34805 | MEDIUM | 6.5 | An informative guide on the CVE-2024-34805 vulnerability affecting Webvitaly iFrame, detailing potential risks and advocating for timely patch updates. |
| CVE-2024-34760 | MEDIUM | 5.9 | Explore the details and implications of the XSS vulnerability identified in WPBlockart's Magazine Blocks plugin, designated as CVE-2024-34760, and find out how you can secure your systems with LinuxPatch. |
| CVE-2024-34751 | MEDIUM | 4.4 | Explore the details of CVE-2024-34751, which affects the WebToffee Order Export & Order Import for WooCommerce, and learn how you can secure your systems. |
| CVE-2024-20389 | HIGH | 7.8 | A detailed exploration of CVE-2024-20389, its impact on network security, and the steps to mitigate this high-severity vulnerability. |
| CVE-2024-20326 | HIGH | 7.8 | Learn about the critical security flaw identified as CVE-2024-20326 affecting the CLI of Cisco Crosswork Network Services Orchestrator and how to protect your systems. |
| CVE-2024-4760 | MEDIUM | 6.3 | A detailed look at CVE-2024-4760, which affects Microchip's SAM E70/S70/V70/V71 microcontrollers, and how users can secure their systems with patches from LinuxPatch. |
| CVE-2024-4993 | MEDIUM | 6.3 | An informative breakdown of CVE-2024-4993, detailing the XSS vulnerability in SiAdmin 1.1, its potential impact, and mitigation strategies. |
| CVE-2024-4992 | CRITICAL | 9.8 | Learn about the severity and impact of the CVE-2024-4992 SQL injection vulnerability found in SiAdmin software, and how to secure your systems using LinuxPatch. |
| CVE-2024-4991 | CRITICAL | 9.8 | Exploring the critical SQL injection vulnerability in SiAdmin 1.1, its potential impacts, and the urgent need for patching. |
| CVE-2024-4826 | CRITICAL | 9.8 | Discover the crucial details about the SQL injection vulnerability in Simple PHP Shopping Cart, identified as CVE-2024-4826, and learn how you can safeguard your systems effectively. |
| CVE-2024-4580 | MEDIUM | 6.4 | An in-depth look at CVE-2024-4580 detailing the vulnerabilities in the Master Addons plugin for Elementor in WordPress, including severity, affected software, and strategies for mitigation. |
| CVE-2024-30314 | CRITICAL | 9.3 | A critical security update for Dreamweaver Desktop users addressing a severe OS Command Injection vulnerability that affects versions up to 21.3. |
| CVE-2024-30292 | HIGH | 7.8 | Exploring the critical out-of-bounds write vulnerability in Adobe FrameMaker versions 2020.5, 2022.3 and earlier, identified as CVE-2024-30292. Learn about the risks and necessary actions to protect your systems. |
| CVE-2024-30291 | HIGH | 7.8 | Learn about the high-severity CVE-2024-30291 affecting Adobe Framemaker and how you can secure your system against potential threats. |
| CVE-2024-30290 | HIGH | 7.8 | Important details and update guidelines on the CVE-2024-30290 vulnerability affecting Adobe FrameMaker, leading to potential arbitrary code execution. |
| CVE-2024-30289 | HIGH | 7.8 | Explore the details and implications of CVE-2024-30289, a high-severity vulnerability affecting Adobe Framemaker versions 2020.5, 2022.3 and earlier, which could lead to arbitrary code execution. |
| CVE-2024-30288 | HIGH | 7.8 | An in-depth analysis of the high-severity CVE-2024-30288 affecting Adobe FrameMaker, including impact assessment and patching guidance. |
| CVE-2024-30287 | MEDIUM | 5.5 | An in-depth look at the CVE-2024-30287 vulnerability affecting Adobe Framemaker, including potential risks and available patch solutions. |
| CVE-2024-30286 | MEDIUM | 5.5 | Explore the details of CVE-2024-30286, a security vulnerability in Adobe FrameMaker that could lead to the disclosure of sensitive information. |
| CVE-2024-30283 | MEDIUM | 5.5 | Explore the details and implications of CVE-2024-30283, a security flaw in Adobe FrameMaker that could potentially lead to sensitive data exposure. |
| CVE-2024-4838 | HIGH | 8.8 | Learn about the severe vulnerability discovered in the ConvertPlus plugin for WordPress and understand the risks and the necessary steps to mitigate this security flaw. |
| CVE-2024-4634 | MEDIUM | 6.4 | Learn about the security vulnerability CVE-2024-4634 in the Elementor Header & Footer Builder plugin for WordPress, its impacts, and how to safeguard your website. |
| CVE-2024-4617 | MEDIUM | 6.4 | A detailed look at the CVE-2024-4617 issue affecting the Rank Math SEO with AI plugin for WordPress, its implications, and how users can safeguard their websites. |
| CVE-2024-4400 | MEDIUM | 6.4 | Learn about the CVE-2024-4400 vulnerability, its impacts, and how LinuxPatch can help you secure your WordPress site against potential attacks. |
| CVE-2024-4385 | MEDIUM | 6.4 | Exploring the impact and solutions for the Stored Cross-Site Scripting vulnerability in Envo Extra WordPress Plugin, identified as CVE-2024-4385. |
| CVE-2024-4288 | MEDIUM | 6.4 | A comprehensive look into the CVE-2024-4288 vulnerability, affecting the Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin for WordPress. |
| CVE-2024-35302 | MEDIUM | 5.4 | Explore the details of CVE-2024-35302, its impact on JetBrains TeamCity, and learn how to secure your systems from potential XSS threats. |
| CVE-2024-35301 | MEDIUM | 5.5 | Learn about the security implications of CVE-2024-35301 on JetBrains TeamCity and how LinuxPatch can help secure your systems. |
| CVE-2024-35300 | LOW | 3.5 | An approachable guide to identifying and addressing the stored XSS vulnerability in JetBrains TeamCity, designated as CVE-2024-35300. |
| CVE-2024-35299 | MEDIUM | 5.9 | An informative guide on CVE-2024-35299, detailing the vulnerability found in JetBrains YouTrack SMTPS protocol communication and how to secure your systems. |
| CVE-2024-4975 | LOW | 3.5 | An overview of CVE-2024-4975, its impact on the Simple Chat System, and guidance on securing systems against potential XSS attacks. |
| CVE-2024-4974 | LOW | 3.5 | Insight into CVE-2024-4974 vulnerability affecting Simple Chat System 1.0 and the steps to mitigate the threat. |
| CVE-2024-4973 | MEDIUM | 6.3 | Explore the details of CVE-2024-4973, a SQL Injection vulnerability in Simple Chat System 1.0, and learn about the severity and potential impacts of this security threat. |
| CVE-2024-4352 | HIGH | 8.8 | An in-depth look at the high-severity CVE-2024-4352 affecting the Tutor LMS Pro plugin for WordPress, including its implications and solutions. |
| CVE-2024-4351 | HIGH | 8.8 | Exploring the high-severity vulnerability found in Tutor LMS Pro plugin for WordPress and its implications for data security. |
| CVE-2024-4222 | HIGH | 7.3 | A critical vulnerability has been identified in the Tutor LMS Pro plugin for WordPress, posing significant risks to data integrity and security. |
| CVE-2024-4972 | MEDIUM | 6.3 | An in-depth analysis of the SQL injection vulnerability found in Simple Chat System 1.0, and why it is crucial for users to apply updates. |
| CVE-2024-4968 | LOW | 3.5 | A detailed guide about the low severity vulnerability found in SourceCodester Interactive Map with Marker 1.0, identified as CVE-2024-4968. |
If you want to access to older CVE entries, you can access our older CVEs