Antonio Francesco Sardella Really Simple Security 9.1.1.1 - Authentication Bypass
webapps php CVE-2024-10924

Jordan Sharp qBittorrent 5.0.1 - MITM RCE
local multiple CVE-2024-51774

Alessio Romano (sfoffo)_ Riccardo Degli Esposti (partywave) Invesalius3 - Remote Code Execution
webapps python

SamAlucard Genexus Protection Server 9.7.2.10 - 'protsrvservice' Unquoted Service Path
local windows

Erdemstar Wordpress Plugin WP Video Playlist 1.1.1 - Stored Cross-Site Scripting (XSS)
webapps php

Erdemstar Wordpress Plugin Playlist for Youtube 1.32 - Stored Cross-Site Scripting (XSS)
webapps php

Erdemstar Wordpress Plugin Alemha Watermarker 1.3.1 - Stored Cross-Site Scripting (XSS)
webapps php

ardr JFrog Artifactory < 7.25.4 - Blind SQL Injection
webapps php

Antonio Francesco Sardella Cacti 1.2.24 - Authenticated command injection when using SNMP options
webapps php CVE-2023-39362

Sander Ferdinand Frappe Framework (ERPNext) 13.4.0 - Remote Code Execution (Authenticated)
webapps python

ieduardogoncalves D-Link DAP-1325 - Broken Access Control
webapps hardware

abhhi (Abhishek Birdawade) OpenEMR v7.0.1 - Authentication credentials brute force
webapps php

UNICORD pdfkit v0.8.7.2 - Command Injection
local ruby CVE-2022–25765

Yerodin Richards Arris Router Firmware 9.1.103 - Remote Code Execution (RCE) (Authenticated)
remote hardware CVE-2022-45701

Eduardo Pérez-Malumbres Cervera Answerdev 1.0.3 - Account Takeover
webapps go CVE-2023-0744

Antonio Francesco Sardella GitLab v15.3 - Remote Code Execution (RCE) (Authenticated)
webapps ruby CVE-2022-2884