How severe is CVE-2024-41255?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2024-41255?

This is classified as CWE-453, which is a common weakness in software security.

CVE-2024-41255

HIGH Year: 2024

CVSS v3 Score

7.5

High

Weakness Type

CWE-453

View all →

Vulnerability Description

filestash v0.4 is configured to skip TLS certificate verification when using the FTPS protocol, possibly allowing attackers to execute a man-in-the-middle attack via the Init function of index.go.

CVE-2023-27516

HIGH

CVSS:7.8(High)

An authentication bypass vulnerability exists in the CiRpcAccepted() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. A specially crafted network packet can lead to unauthorized access. An...

CWE-4532023

CVE-2022-3262

HIGH

CVSS:8.1(High)

A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve the hostname based on a service provided. This flaw allows an attacker to supply an incorrect name with ...

CWE-4532022

CVE-2024-49120

HIGH

CVSS:8.1(High)

Windows Remote Desktop Services Remote Code Execution Vulnerability

CWE-4532024

CVE-2024-39916

MEDIUM

CVSS:6.4(Medium)

FOG is a free open-source cloning/imaging/rescue suite/inventory management system. There is a security issue with the NFS configuration in /etc/exports generated by the installer that allows an attac...

CWE-4532024

CVE-2024-21411

HIGH

CVSS:8.8(High)

Skype for Consumer Remote Code Execution Vulnerability

CWE-4532024

CVE-2022-47194

CRITICAL

CVSS:9.0(Critical)

An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript...

CWE-4532022

CVE-2024-41255

Vulnerability Description

Related Vulnerabilities

CVE-2023-27516

CVE-2022-3262

CVE-2024-49120

CVE-2024-39916

CVE-2024-21411

CVE-2022-47194