v.26.4.2314
High Severity Vulnerabilities
Found 13071 vulnerabilities at High severity.
| Vulnerability Name | CVE | CWE | Severity |
|---|---|---|---|
| Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-38276) | CVE-2024-38276 | CWE-352 | High |
| Apache Tomcat Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-38286) | CVE-2024-38286 | CWE-770 | High |
| Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-38472) | CVE-2024-38472 | CWE-918 | High |
| Apache HTTP Server Improper Encoding or Escaping of Output Vulnerability (CVE-2024-38473) | CVE-2024-38473 | CWE-116 | High |
| Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2024-38477) | CVE-2024-38477 | CWE-476 | High |
| Apache Traffic Server CVE-2024-38479 Vulnerability (CVE-2024-38479) | CVE-2024-38479 | - | High |
| GeoServer Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2024-38524) | CVE-2024-38524 | CWE-200 | High |
| Django Improper Handling of Length Parameter Inconsistency Vulnerability (CVE-2024-38875) | CVE-2024-38875 | CWE-130 | High |
| LimeSurvey Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-39063) | CVE-2024-39063 | CWE-352 | High |
| axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-39338) | CVE-2024-39338 | CWE-918 | High |
| Apache HTTP Server Improper Input Validation Vulnerability (CVE-2024-39573) | CVE-2024-39573 | CWE-20 | High |
| Django Improper Handling of Length Parameter Inconsistency Vulnerability (CVE-2024-39614) | CVE-2024-39614 | CWE-130 | High |
| Next.js Uncontrolled Resource Consumption Vulnerability (CVE-2024-39693) | CVE-2024-39693 | CWE-400 | High |
| MongoDb Improper Input Validation Vulnerability (CVE-2024-3372) | CVE-2024-3372 | CWE-20 | High |
| Beego Framework Improper Certificate Validation Vulnerability (CVE-2024-40464) | CVE-2024-40464 | CWE-295 | High |
| Beego Framework Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2024-40465) | CVE-2024-40465 | CWE-327 | High |
| MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2024-40597) | CVE-2024-40597 | CWE-200 | High |
| Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-40748) | CVE-2024-40748 | CWE-707 | High |
| Joomla Other Vulnerability (CVE-2024-40749) | CVE-2024-40749 | - | High |
| Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-40898) | CVE-2024-40898 | CWE-918 | High |
| PrestaShop Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-41651) | CVE-2024-41651 | CWE-918 | High |
| Craft CMS Improper Authentication Vulnerability (CVE-2024-41800) | CVE-2024-41800 | CWE-287 | High |
| Django CVE-2024-41989 Vulnerability (CVE-2024-41989) | CVE-2024-41989 | - | High |
| Django CVE-2024-41990 Vulnerability (CVE-2024-41990) | CVE-2024-41990 | - | High |
| Django Improper Validation of Specified Quantity in Input Vulnerability (CVE-2024-41991) | CVE-2024-41991 | CWE-1284 | High |
| Apache HTTP Server Improper Input Validation Vulnerability (CVE-2024-42516) | CVE-2024-42516 | CWE-20 | High |
| LimeSurvey Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-42902) | CVE-2024-42902 | CWE-94 | High |
| Jenkins Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2024-43044) | CVE-2024-43044 | CWE-754 | High |
| Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-43204) | CVE-2024-43204 | CWE-918 | High |
| Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-43394) | CVE-2024-43394 | CWE-918 | High |
| XWiki Missing Authorization Vulnerability (CVE-2024-43401) | CVE-2024-43401 | CWE-862 | High |
| Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-43425) | CVE-2024-43425 | CWE-94 | High |
| Moodle Improper Validation of Specified Type of Input Vulnerability (CVE-2024-43426) | CVE-2024-43426 | CWE-1287 | High |
| Moodle Insufficient Verification of Data Authenticity Vulnerability (CVE-2024-43428) | CVE-2024-43428 | CWE-345 | High |
| Moodle Missing Authorization Vulnerability (CVE-2024-43431) | CVE-2024-43431 | CWE-862 | High |
| Moodle Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-43434) | CVE-2024-43434 | CWE-22 | High |
| Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2024-43436) | CVE-2024-43436 | CWE-138 | High |
| Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-43438) | CVE-2024-43438 | CWE-639 | High |
| Moodle Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-43440) | CVE-2024-43440 | CWE-22 | High |
| SharePoint CVE-2024-43464 Vulnerability (CVE-2024-43464) | CVE-2024-43464 | - | High |
| SharePoint CVE-2024-43466 Vulnerability (CVE-2024-43466) | CVE-2024-43466 | - | High |
| SharePoint CVE-2024-43503 Vulnerability (CVE-2024-43503) | CVE-2024-43503 | - | High |
| Django CVE-2024-45230 Vulnerability (CVE-2024-45230) | CVE-2024-45230 | - | High |
| Contao Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2024-45398) | CVE-2024-45398 | CWE-434 | High |
| Moodle Incorrect Default Permissions Vulnerability (CVE-2024-45690) | CVE-2024-45690 | CWE-276 | High |
| Squid CVE-2024-45802 Vulnerability (CVE-2024-45802) | CVE-2024-45802 | - | High |
| Envoy Proxy CVE-2024-45807 Vulnerability (CVE-2024-45807) | CVE-2024-45807 | - | High |
| Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2024-45809) | CVE-2024-45809 | CWE-476 | High |
| Envoy Proxy CVE-2024-45810 Vulnerability (CVE-2024-45810) | CVE-2024-45810 | - | High |
| Next.js Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2024-46982) | CVE-2024-46982 | CWE-639 | High |
| Apache HTTP Server Improper Neutralization of Escape, Meta, or Control Sequences Vulnerability (CVE-2024-47252) | CVE-2024-47252 | CWE-150 | High |
| Next.js Uncontrolled Recursion Vulnerability (CVE-2024-47831) | CVE-2024-47831 | CWE-674 | High |
| Chamilo Deserialization of Untrusted Data Vulnerability (CVE-2024-47886) | CVE-2024-47886 | CWE-502 | High |
| Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-48311) | CVE-2024-48311 | CWE-352 | High |
| Piwigo Use of Insufficiently Random Values Vulnerability (CVE-2024-48928) | CVE-2024-48928 | CWE-330 | High |
| SharePoint CVE-2024-49068 Vulnerability (CVE-2024-49068) | CVE-2024-49068 | - | High |
| SharePoint CVE-2024-49070 Vulnerability (CVE-2024-49070) | CVE-2024-49070 | - | High |
| Werkzeug WSGI Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-49767) | CVE-2024-49767 | CWE-770 | High |
| Apache Traffic Server Improper Input Validation Vulnerability (CVE-2024-50305) | CVE-2024-50305 | CWE-20 | High |
| Next.js Incorrect Authorization Vulnerability (CVE-2024-51479) | CVE-2024-51479 | CWE-863 | High |
| Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51484) | CVE-2024-51484 | CWE-352 | High |
| Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51485) | CVE-2024-51485 | CWE-352 | High |
| Ampache Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-51486) | CVE-2024-51486 | CWE-707 | High |
| Ampache Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-51487) | CVE-2024-51487 | CWE-352 | High |
| Craft CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-52291) | CVE-2024-52291 | CWE-22 | High |
| Craft CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2024-52293) | CVE-2024-52293 | CWE-22 | High |
| Tornado Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-52804) | CVE-2024-52804 | CWE-770 | High |
| Envoy Proxy Always-Incorrect Control Flow Implementation Vulnerability (CVE-2024-53269) | CVE-2024-53269 | CWE-670 | High |
| Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2024-53270) | CVE-2024-53270 | CWE-476 | High |
| Envoy Proxy Always-Incorrect Control Flow Implementation Vulnerability (CVE-2024-53271) | CVE-2024-53271 | CWE-670 | High |
| Apache Traffic Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2024-53868) | CVE-2024-53868 | - | High |
| Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-53907) | CVE-2024-53907 | CWE-770 | High |
| Drupal Improper Handling of Case Sensitivity Vulnerability (CVE-2024-55634) | CVE-2024-55634 | CWE-178 | High |
| XWikiplatform Incorrect Authorization Vulnerability (CVE-2024-55662) | CVE-2024-55662 | CWE-863 | High |
| XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-55877) | CVE-2024-55877 | CWE-94 | High |