Vulnerabilities

Apple macOS Ventura, Sonoma, Monterey, iOS and iPadOS unspecified | CVE-2023-42915

January 25, 2024

NAME__________Apple macOS Ventura, Sonoma, Monterey, iOS and iPadOS unspecifiedPlatforms Affected:Apple macOS Sonoma 14.1 Apple macOS Monterey 12.7.2 Apple macOS Ventura...

Ministry of Agriculture, Forestry and Fisheries Electronic Delivery Check System XML external entity injection | CVE-2024-21796

January 25, 2024

NAME__________Ministry of Agriculture, Forestry and Fisheries Electronic Delivery Check System XML external entity injectionPlatforms Affected:Japanese Ministry of Agriculture Forestry and...

Jenkins GitLab Branch Source Plugin information disclosure | CVE-2024-23903

January 25, 2024

NAME__________Jenkins GitLab Branch Source Plugin information disclosurePlatforms Affected:Jenkins GitLab Branch Source Plugin 684.vea_fa_7c1e2fe3Risk Level:3.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins GitLab Branch Source Plugin...

Ministry of Agriculture, Forestry and Fisheries Electronic Delivery Check System XML external entity injection | CVE-2024-21765

January 25, 2024

NAME__________Ministry of Agriculture, Forestry and Fisheries Electronic Delivery Check System XML external entity injectionPlatforms Affected:Japanese Ministry of Agriculture Forestry and...

tlsfuzzer python-ecdsa information disclosure | CVE-2024-23342

January 25, 2024

NAME__________tlsfuzzer python-ecdsa information disclosurePlatforms Affected:tlsfuzzer python-ecdsa 0.18.0Risk Level:7.4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________tlsfuzzer python-ecdsa could allow a remote attacker to obtain sensitive information,...

Apache Airflow information disclosure | CVE-2023-50944

January 25, 2024

NAME__________Apache Airflow information disclosurePlatforms Affected:Apache Airflow 2.8.0Risk Level:2.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Apache Airflow could allow a remote authenticated attacker to obtain sensitive...

Jenkins GitLab Branch Source Plugin security bypass | CVE-2024-23901

January 25, 2024

NAME__________Jenkins GitLab Branch Source Plugin security bypassPlatforms Affected:Jenkins GitLab Branch Source Plugin 684.vea_fa_7c1e2fe3Risk Level:5.4Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Jenkins GitLab Branch Source Plugin...

Jenkins Qualys Policy Compliance Scanning Connector Plugin information disclosure | CVE-2023-6147

January 25, 2024

NAME__________Jenkins Qualys Policy Compliance Scanning Connector Plugin information disclosurePlatforms Affected:Jenkins Qualys Policy Compliance Scanning Connector Plugin 1.0.5Risk Level:7.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins...

Mercari App for Android URL redirect | CVE-2024-23388

January 25, 2024

NAME__________Mercari App for Android URL redirectPlatforms Affected:Mercari Mercari App for Android 5.77.0Risk Level:3.3Exploitability:UnprovenConsequences:Other DESCRIPTION__________Mercari App for Android could allow a...

Squid-Cache Squid denial of service | CVE-2024-23638

January 25, 2024

NAME__________Squid-Cache Squid denial of servicePlatforms Affected:Squid-Cache Squid 6.5Risk Level:6.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Squid-Cache Squid is vulnerable to a denial of service,...

Jenkins GitLab Branch Source Plugin cross-site request forgery | CVE-2024-23902

January 25, 2024

NAME__________Jenkins GitLab Branch Source Plugin cross-site request forgeryPlatforms Affected:Jenkins GitLab Branch Source Plugin 684.vea_fa_7c1e2fe3Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins GitLab Branch Source...

Two-factor Authentication module for Drupal security bypass |

January 25, 2024

NAME__________Two-factor Authentication module for Drupal security bypassPlatforms Affected:Drupal Two-factor Authentication module for Drupal tfa 8.x-1.0Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Two-factor Authentication module...

Cisco Business 250 Series Smart Switches and Business 350 Series Managed Switches security bypass | CVE-2024-20263

January 25, 2024

NAME__________Cisco Business 250 Series Smart Switches and Business 350 Series Managed Switches security bypassPlatforms Affected:Cisco Business 250 Series smart switches...

Cisco Unity Connection cross-site scripting | CVE-2024-20305

January 25, 2024

NAME__________Cisco Unity Connection cross-site scriptingPlatforms Affected:Risk Level:4.8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Cisco Unity Connection is vulnerable to cross-site scripting, caused by improper validation...

Jenkins Log Command Plugin information disclosure | CVE-2024-23904

January 25, 2024

NAME__________Jenkins Log Command Plugin information disclosurePlatforms Affected:Jenkins Log Command Plugin 1.0.2Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins Log Command Plugin could allow a...

Nextcloud Files ZIP information disclosure | CVE-2024-22404

January 24, 2024

NAME__________Nextcloud Files ZIP information disclosurePlatforms Affected:Nextcloud Files ZIP 1.2.0 Nextcloud Files ZIP 1.4.0Risk Level:4.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Nextcloud Files ZIP could allow...

Nextcloud User Saml open redirect | CVE-2024-22400

January 24, 2024

NAME__________Nextcloud User Saml open redirectPlatforms Affected:Nextcloud User Saml 5.1.4 Nextcloud User Saml 5.2.4 Nextcloud User Saml 6.0.0 Nextcloud User Saml...

Nextcloud Guests security bypass | CVE-2024-22402

January 24, 2024

NAME__________Nextcloud Guests security bypassPlatforms Affected:Nextcloud Guests 2.4.0 Nextcloud Guests 2.5.0 Nextcloud Guests 3.0.0Risk Level:5.4Exploitability:UnprovenConsequences:Other DESCRIPTION__________Nextcloud Guests could allow a remote...

Nextcloud Server weak security | CVE-2024-22403

January 24, 2024

NAME__________Nextcloud Server weak securityPlatforms Affected:Nextcloud Nextcloud Server 27.0.0 Nextcloud Nextcloud Enterprise Server 27.0.0Risk Level:3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Nextcloud Server could provide weaker...

Nextcloud Deck cross-site scripting | CVE-2024-22213

January 24, 2024

NAME__________Nextcloud Deck cross-site scriptingPlatforms Affected:Nextcloud Deck 1.9.0 Nextcloud Deck 1.9.4 Nextcloud Deck 1.10.0 Nextcloud Deck 1.11.0 Nextcloud Deck 1.11.1Risk Level:6.4Exploitability:HighConsequences:Cross-Site...

Nextcloud Guests security bypass | CVE-2024-22401

January 24, 2024

NAME__________Nextcloud Guests security bypassPlatforms Affected:Nextcloud Guests 2.4.0 Nextcloud Guests 2.5.0 Nextcloud Guests 3.0.0Risk Level:4.1Exploitability:UnprovenConsequences:Other DESCRIPTION__________Nextcloud Guests could allow a remote...

Nsasoft Product Key Explorer code execution | CVE-2024-0771

January 24, 2024

NAME__________Nsasoft Product Key Explorer code executionPlatforms Affected:Nsasoft Product Key Explorer 4.0.9Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Nsasoft Product Key Explorer could allow a...

SpyCamLizard denial of service |

January 24, 2024

NAME__________SpyCamLizard denial of servicePlatforms Affected:SpyCamLizard SpyCamLizard 1.230Risk Level:5.3Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________SpyCamLizard is vulnerable to a denial of service,...

European Chemicals Agency IUCLID code execution | CVE-2024-0770

January 24, 2024

NAME__________European Chemicals Agency IUCLID code executionPlatforms Affected:European Chemicals Agency IUCLID 7.10.3Risk Level:6.7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________European Chemicals Agency IUCLID could allow a...

Vulnerabilities

Apple macOS Ventura, Sonoma, Monterey, iOS and iPadOS unspecified | CVE-2023-42915

Ministry of Agriculture, Forestry and Fisheries Electronic Delivery Check System XML external entity injection | CVE-2024-21796

Jenkins GitLab Branch Source Plugin information disclosure | CVE-2024-23903

Ministry of Agriculture, Forestry and Fisheries Electronic Delivery Check System XML external entity injection | CVE-2024-21765

tlsfuzzer python-ecdsa information disclosure | CVE-2024-23342

Apache Airflow information disclosure | CVE-2023-50944

Jenkins GitLab Branch Source Plugin security bypass | CVE-2024-23901

Jenkins Qualys Policy Compliance Scanning Connector Plugin information disclosure | CVE-2023-6147

Mercari App for Android URL redirect | CVE-2024-23388

Squid-Cache Squid denial of service | CVE-2024-23638

Jenkins GitLab Branch Source Plugin cross-site request forgery | CVE-2024-23902

Two-factor Authentication module for Drupal security bypass |

Cisco Business 250 Series Smart Switches and Business 350 Series Managed Switches security bypass | CVE-2024-20263

Cisco Unity Connection cross-site scripting | CVE-2024-20305

Jenkins Log Command Plugin information disclosure | CVE-2024-23904

Nextcloud Files ZIP information disclosure | CVE-2024-22404

Nextcloud User Saml open redirect | CVE-2024-22400

Nextcloud Guests security bypass | CVE-2024-22402

Nextcloud Server weak security | CVE-2024-22403

Nextcloud Deck cross-site scripting | CVE-2024-22213

Nextcloud Guests security bypass | CVE-2024-22401

Nsasoft Product Key Explorer code execution | CVE-2024-0771

SpyCamLizard denial of service |

European Chemicals Agency IUCLID code execution | CVE-2024-0770

CVE Alert: CVE-2025-50088

CVE Alert: CVE-2025-50073

CVE Alert: CVE-2025-50087

CVE Alert: CVE-2025-50086

CVE Alert: CVE-2025-50089

You may have missed