CVE.report search for "CVE-2024-48027"
Listed below are 50 relevant search results for "CVE-2024-48027" based on Vendor, Software, and CVE description
These results are gathered from attempted matches with listed vendor and software data, as well as a keyword search in the description of all known CVEs.
If you notice a "Not Listed" in either the vendor or software columns, the underlying source record does not currently include normalized affected-product data.
Search Results
| CVE ID | Vendor | Software | Description |
|---|---|---|---|
| CVE-2026-41409 | Apache | Mina | The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject() was incomplete. The classname allowlist of classes all... |
| CVE-2026-40858 | Apache | Camel | The camel-infinispan component's ProtoStream-based remote aggregation repository deserializes data read from a remote Infinis... |
| CVE-2026-40336 | libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have a memory leak in `ptp_unpack_Sony... | ||
| CVE-2026-39920 | BridgeHead FileStore versions prior to 24A (released in early 2024) expose the Apache Axis2 administration module on network-... | ||
| CVE-2026-39860 | Nixos | Nix | Nix is a package manager for Linux and other Unix systems. A bug in the fix for CVE-2024-27297 allowed for arbitrary overwrit... |
| CVE-2026-39373 | Latchset | Jwcrypto | JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to 1.5.7, an unauthenticated attacker c... |
| CVE-2026-34826 | Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Utils.get_byte_ranges parses ... | ||
| CVE-2026-32857 | Firecrawl version 2.8.0 and prior contain a server-side request forgery (SSRF) protection bypass vulnerability in the Playwri... | ||
| CVE-2026-31592 | Linux | Linux Kernel | In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Protect *all* of sev_mem_enc_register_region()... |
| CVE-2026-31587 | Linux | Linux Kernel | In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm: move component registration to unmana... |
| CVE-2026-29644 | XiangShan (open-source high-performance RISC-V processor) commit edb1dfaf7d290ae99724594507dc46c2c2125384 (2024-11-28) has im... | ||
| CVE-2026-29643 | XiangShan (Open-source high-performance RISC-V processor) commit edb1dfaf7d290ae99724594507dc46c2c2125384 (2024-11-28) contai... | ||
| CVE-2026-29642 | A local attacker who can execute privileged CSR operations (or can induce firmware to do so) performs carefully crafted reads... | ||
| CVE-2026-27172 | Apache | Camel | The ConsulRegistry in the camel-consul component (class org.apache.camel.component.consul.ConsulRegistry and its inner Consul... |
| CVE-2026-27018 | Thecodingmachine | Gotenberg | Gotenberg is an API for converting document formats. Prior to version 8.29.0, the fix introduced for CVE-2024-21527 can be by... |
| CVE-2026-21716 | An incomplete fix for CVE-2024-36137 leaves `FileHandle.chmod()` and `FileHandle.chown()` in the promises API without the req... | ||
| CVE-2026-7183 | A vulnerability has been found in aligungr UERANSIM up to 3.2.7. The affected element is the function rls::DecodeRlsMessage i... | ||
| CVE-2026-6060 | A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS ... | ||
| CVE-2026-6023 | In Progress® Telerik® UI for AJAX versions 2024.4.1114 through 2026.1.421, the RadFilter control is vulnerable to insecure ... | ||
| CVE-2026-5709 | Amazon | Research And Engineering Studio | Unsanitized input in the FileBrowser API in AWS Research and Engineering Studio (RES) version 2024.10 through 2025.12.01 migh... |
| CVE-2026-1776 | Tuzitio | Camaleon Cms | Camaleon CMS versions 2.4.5.0 through 2.9.0, prior to commit f54a77e, contain a path traversal vulnerability in the AWS S3 up... |
| CVE-2026-1555 | The WebStack theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the io_img_up... | ||
| CVE-2025-70994 | Yadea T5 Electric Bicycles (models manufactured in/after 2024) have a weak authentication mechanism in their keyless entry sy... | ||
| CVE-2025-48150 | Missing Authorization vulnerability in sminozzi Real Estate Property 2024 Create Your Own Fields and Search Bar WP Plugin rea... | ||
| CVE-2025-32897 | Apache | Seata | Deserialization of Untrusted Data vulnerability in Apache Seata (incubating). This security vulnerability is the same as CVE... |
| CVE-2025-26793 | The Web GUI configuration panel of Hirsch (formerly Identiv and Viscount) Enterphone MESH through 2024 ships with default cre... | ||
| CVE-2025-15097 | A vulnerability was found in Alteryx Server. Affected by this issue is some unknown functionality of the file /gallery/api/st... | ||
| CVE-2025-9093 | Buzzfeed | Buzzfeed | A security vulnerability has been detected in BuzzFeed App 2024.9 on Android. This affects an unknown part of the file Androi... |
| CVE-2025-6092 | A vulnerability was found in comfyanonymous comfyui up to 0.3.39. It has been declared as problematic. Affected by this vulne... | ||
| CVE-2025-4655 | Liferay | Digital Experience Platform | SSRF vulnerability in FreeMarker templates in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.... |
| CVE-2025-2935 | The Anti-Spam: Spam Protection | Block Spam Users, Comments, Forms plugin for WordPress is vulnerable to Cross-Site Request F... | ||
| CVE-2025-1437 | Tinywebgallery | Advanced Iframe | The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'advanced_iframe' shor... |
| CVE-2025-1026 | Versions of the package spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation due to improper URL valid... | ||
| CVE-2025-0510 | Mozilla | Thunderbird | Thunderbird displayed an incorrect sender address if the From field of an email used the invalid group name syntax that is de... |
| CVE-2024-57994 | Linux | Linux Kernel | In the Linux kernel, the following vulnerability has been resolved: ptr_ring: do not block hard interrupts in ptr_ring_resiz... |
| CVE-2024-50524 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Quý Lê 91 Administrat... | ||
| CVE-2024-46746 | Debian | Debian Linux | In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: free driver_data after destroying hid devi... |
| CVE-2024-44941 | Linux | Linux Kernel | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to cover read extent cache access with lock s... |
| CVE-2024-32079 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Dempfle Advance... | ||
| CVE-2024-30850 | Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2024-33434. Reason: This record is a duplicate of CVE-2024-33434... | ||
| CVE-2024-23222 | Apple | Ipados | A type confusion issue was addressed with improved checks. This issue is fixed in Safari 17.3, iOS 15.8.7 and iPadOS 15.8.7, ... |
| CVE-2024-21549 | Versions of the package spatie/browsershot before 5.0.3 are vulnerable to Improper Input Validation due to improper URL valid... | ||
| CVE-2024-14032 | Twitch | Twitch Studio | Twitch Studio version 0.114.8 and prior contain a privilege escalation vulnerability in its privileged helper tool that allow... |
| CVE-2024-12290 | Infility | Infility Global | The Infility Global plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘set_type’ parameter in ... |
| CVE-2024-12219 | The Stop Registration Spam plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and includ... | ||
| CVE-2024-12166 | Cmorillas1 | Shortcodes Blocks Creator Ultimate | The Shortcodes Blocks Creator Ultimate plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' pa... |
| CVE-2024-12155 | The SV100 Companion plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escala... | ||
| CVE-2024-12066 | The SMSA Shipping(official) plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path valid... | ||
| CVE-2024-12026 | The Message Filter for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missin... | ||
| CVE-2024-11193 | An information disclosure vulnerability exists in Yugabyte Anywhere, where the LDAP bind password is logged in plaintext with... | ||