| CVE-2024-47945 |
The devices are vulnerable to session hijacking due to insufficient
entropy in its session ID gener... |
|
2024-10-15 |
View Details |
| CVE-2024-21244 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). Supported... |
LOW |
2024-10-15 |
View Details |
| CVE-2024-48913 |
Hono, a web framework, prior to version 4.6.5 is vulnerable to bypass of cross-site request forgery ... |
|
2024-10-15 |
View Details |
| CVE-2024-21205 |
Vulnerability in the Oracle Service Bus product of Oracle Fusion Middleware (component: OSB Core Fun... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-9957 |
Use after free in UI in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who co... |
|
2024-10-15 |
View Details |
| CVE-2024-9985 |
Enterprise Cloud Database from Ragic does not properly validate the file type for uploads. Attackers... |
CRITICAL |
2024-10-15 |
View Details |
| CVE-2024-21243 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). Supported... |
LOW |
2024-10-15 |
View Details |
| CVE-2024-48914 |
Vendure is an open-source headless commerce platform. Prior to versions 3.0.5 and 2.3.3, a vulnerabi... |
|
2024-10-15 |
View Details |
| CVE-2024-9687 |
The WP 2FA with Telegram plugin for WordPress is vulnerable to Authentication Bypass in versions up ... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-21204 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versio... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-9956 |
Inappropriate implementation in WebAuthentication in Google Chrome on Android prior to 130.0.6723.58... |
|
2024-10-15 |
View Details |
| CVE-2024-9984 |
Enterprise Cloud Database from Ragic does not authenticate access to specific functionality, allowin... |
CRITICAL |
2024-10-15 |
View Details |
| CVE-2024-21242 |
Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are ... |
LOW |
2024-10-15 |
View Details |
| CVE-2024-48915 |
Agent Dart is an agent library built for Internet Computer for Dart and Flutter apps. Prior to versi... |
|
2024-10-15 |
View Details |
| CVE-2024-21203 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versi... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-9955 |
Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacke... |
|
2024-10-15 |
View Details |
| CVE-2024-9983 |
Enterprise Cloud Database from Ragic does not properly validate a specific page parameter, allowing ... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-21241 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-21202 |
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA ... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-9954 |
Use after free in AI in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentiall... |
|
2024-10-15 |
View Details |
| CVE-2024-9925 |
SQL injection vulnerability in TAI Smart Factory's QPLANT SF version 1.0. Exploitation of this vulne... |
|
2024-10-15 |
View Details |
| CVE-2024-21239 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-21201 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-9594 |
A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default cr... |
|
2024-10-15 |
View Details |
| CVE-2024-9895 |
The Smart Online Order for Clover plugin for WordPress is vulnerable to Stored Cross-Site Scripting ... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-21238 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supp... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-21200 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-9486 |
A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default cr... |
|
2024-10-15 |
View Details |
| CVE-2024-47944 |
The device directly executes .patch firmware upgrade files on a USB stick without any prior authenti... |
|
2024-10-15 |
View Details |
| CVE-2024-21237 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication GCS)... |
LOW |
2024-10-15 |
View Details |
| CVE-2024-21199 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-48783 |
An issue in Ruijie NBR3000D-E Gateway allows a remote attacker to obtain sensitive information via t... |
|
2024-10-15 |
View Details |
| CVE-2024-47943 |
The firmware upgrade function in the admin web interface of the Rittal IoT Interface & CMC III Proc... |
|
2024-10-15 |
View Details |
| CVE-2024-21236 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-21198 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versi... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-48782 |
File Upload vulnerability in DYCMS Open-Source Version v2.0.9.41 allows a remote attacker to execute... |
|
2024-10-15 |
View Details |
| CVE-2024-9982 |
AIM LINE Marketing Platform from Esi Technology does not properly validate a specific query paramete... |
CRITICAL |
2024-10-15 |
View Details |
| CVE-2024-21235 |
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-5749 |
Certain HP DesignJet products may be vulnerable to credential reflection which allow viewing SMTP se... |
|
2024-10-15 |
View Details |
| CVE-2024-21197 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). ... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-48781 |
An issue in Wanxing Technology Yitu Project Management Kirin Edition 2.3.6 allows a remote attacker ... |
|
2024-10-15 |
View Details |
| CVE-2024-9981 |
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote ... |
|
2024-10-15 |
View Details |
| CVE-2024-21234 |
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). ... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-21196 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: X Plugin). Supported ... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-48779 |
An issue in Wanxing Technology's Yitu project Management Software 3.2.2 allows a remote attacker to ... |
|
2024-10-15 |
View Details |
| CVE-2024-9980 |
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote ... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-21233 |
Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported versions t... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-21195 |
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Layout Templates). ... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-48714 |
In TP-Link TL-WDR7660 v1.0, the guestRuleJsonToBin function handles the parameter string name withou... |
|
2024-10-15 |
View Details |
| CVE-2024-9837 |
The The AADMY – Add Auto Date Month Year Into Posts plugin for WordPress is vulnerable to arbitrar... |
HIGH |
2024-10-15 |
View Details |