Skip to main content
CVE-2024-6219 LOW POC PATCH Monitor

Mark Laing discovered in LXD's PKI mode, until version 5.21.1, that a restricted certificate could be added to the trust store with its restrictions not honoured. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Lxd
NVD GitHub
CVSS 3.1
3.8
EPSS
0.2%
CVE-2024-6156 LOW POC PATCH Monitor

Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was present in the trust store. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Lxd
NVD GitHub
CVSS 3.1
3.8
EPSS
0.2%
CVE-2024-48866 LOW Monitor

An improper handling of URL encoding (Hex Encoding) vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 4.0
2.3
EPSS
0.4%
CVE-2024-50403 LOW Monitor

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 4.0
2.1
EPSS
0.5%
CVE-2024-50402 LOW Monitor

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 4.0
2.1
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy