| CVE-2024-21232 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). ... |
LOW |
2024-10-15 |
View Details |
| CVE-2024-48948 |
The Elliptic package 6.5.7 for Node.js, in its for ECDSA implementation, does not correctly verify v... |
|
2024-10-15 |
View Details |
| CVE-2024-21194 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-48713 |
In TP-Link TL-WDR7660 1.0, the wacWhitelistJsonToBin function handles the parameter string name with... |
|
2024-10-15 |
View Details |
| CVE-2024-41344 |
A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attackers to arbitrarily change the... |
|
2024-10-15 |
View Details |
| CVE-2024-9972 |
Property Management System from ChanGate has a SQL Injection vulnerability, allowing unauthenticated... |
CRITICAL |
2024-10-15 |
View Details |
| CVE-2024-21231 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported v... |
LOW |
2024-10-15 |
View Details |
| CVE-2024-21193 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versio... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-48712 |
In TP-Link TL-WDR7660 1.0, the rtRuleJsonToBin function handles the parameter string name without ch... |
|
2024-10-15 |
View Details |
| CVE-2024-46898 |
SHIRASAGI prior to v1.19.1 processes URLs in HTTP requests improperly, resulting in a path traversal... |
|
2024-10-15 |
View Details |
| CVE-2024-21230 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-21192 |
Vulnerability in the Oracle Enterprise Manager for Fusion Middleware product of Oracle Fusion Middle... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-48710 |
In TP-Link TL-WDR7660 1.0, the wlanTimerRuleJsonToBin function handles the parameter string name wit... |
|
2024-10-15 |
View Details |
| CVE-2024-9944 |
The WooCommerce plugin for WordPress is vulnerable to HTML Injection in all versions up to, and incl... |
|
2024-10-15 |
View Details |
| CVE-2024-21219 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versi... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-21191 |
Vulnerability in the Oracle Enterprise Manager Fusion Middleware Control product of Oracle Fusion Mi... |
|
2024-10-15 |
View Details |
| CVE-2024-48411 |
itsourcecode Online Tours and Travels Management System v1.0 is vulnerable to SQL Injection (SQLI) v... |
|
2024-10-15 |
View Details |
| CVE-2024-0129 |
NVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal... |
|
2024-10-15 |
View Details |
| CVE-2024-21218 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-47771 |
Element Desktop is a Matrix client for desktop platforms. Element Desktop versions 1.11.70 through 1... |
|
2024-10-15 |
View Details |
| CVE-2024-21190 |
Vulnerability in the Oracle Global Lifecycle Management FMW Installer product of Oracle Fusion Middl... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-44775 |
An issue in kmqtt v0.2.7 allows attackers to cause a Denial of Service(DoS) via a crafted request.... |
|
2024-10-15 |
View Details |
| CVE-2024-21535 |
Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) vi... |
|
2024-10-15 |
View Details |
| CVE-2024-21217 |
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ... |
LOW |
2024-10-15 |
View Details |
| CVE-2024-21172 |
Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (componen... |
CRITICAL |
2024-10-15 |
View Details |
| CVE-2024-41311 |
In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing an o... |
|
2024-10-15 |
View Details |
| CVE-2024-9971 |
The specific query functionality in the FlowMaster BPM Plus from NewType does not properly restrict ... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-21216 |
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). ... |
|
2024-10-15 |
View Details |
| CVE-2024-41344 |
A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attackers to arbitrarily change the... |
|
2024-10-15 |
View Details |
| CVE-2024-31955 |
An issue was discovered in Samsung eMMC with KLMAG2GE4A and KLM8G1WEMB firmware. Code bypass through... |
|
2024-10-15 |
View Details |
| CVE-2024-9970 |
The FlowMaster BPM Plus system from NewType has a privilege escalation vulnerability. Remote attacke... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-21215 |
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). ... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-47779 |
Element is a Matrix web client built using the Matrix React SDK .Element Web versions 1.11.70 throug... |
|
2024-10-15 |
View Details |
| CVE-2024-35584 |
SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php... |
|
2024-10-15 |
View Details |
| CVE-2024-49195 |
Mbed TLS 3.5.x through 3.6.x before 3.6.2 has a buffer underrun in pkwrite when writing an opaque ke... |
|
2024-10-15 |
View Details |
| CVE-2024-9969 |
NewType WebEIP v3.0 does not properly validate user input, allowing a remote attacker with regular p... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-21214 |
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Quer... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-5749 |
Certain HP DesignJet products may be vulnerable to credential reflection which allow viewing SMTP se... |
|
2024-10-15 |
View Details |
| CVE-2024-44337 |
The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering... |
|
2024-10-15 |
View Details |
| CVE-2024-9968 |
WebEIP v3.0 from
NewType does not properly validate user input, allowing remote attackers with re... |
|
2024-10-15 |
View Details |
| CVE-2024-21213 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-48915 |
Agent Dart is an agent library built for Internet Computer for Dart and Flutter apps. Prior to versi... |
|
2024-10-15 |
View Details |
| CVE-2024-21286 |
Vulnerability in the PeopleSoft Enterprise ELM Enterprise Learning Management product of Oracle Peop... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-9952 |
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic. T... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-21212 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Health Monitor). Supp... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-9676 |
A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the co... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-21285 |
Vulnerability in the Oracle Banking Liquidity Management product of Oracle Financial Services Applic... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-9820 |
The WP 2FA with Telegram plugin for WordPress is vulnerable to Two-Factor Authentication Bypass in v... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-21211 |
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ... |
LOW |
2024-10-15 |
View Details |
| CVE-2024-9506 |
Improper regular expression in Vue's parseHTML function leads to a potential regular expression deni... |
|
2024-10-15 |
View Details |