| CVE-2024-47943 |
The firmware upgrade function in the admin web interface of the Rittal IoT Interface & CMC III Proc... |
|
2024-10-15 |
View Details |
| CVE-2024-21236 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-48282 |
A SQL Injection vulnerability was found in /password-recovery.php of PHPGurukul User Registration & ... |
|
2024-10-15 |
View Details |
| CVE-2024-9982 |
AIM LINE Marketing Platform from Esi Technology does not properly validate a specific query paramete... |
CRITICAL |
2024-10-15 |
View Details |
| CVE-2024-21235 |
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-48280 |
A SQL Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Logi... |
|
2024-10-15 |
View Details |
| CVE-2024-9981 |
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote ... |
|
2024-10-15 |
View Details |
| CVE-2024-21234 |
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). ... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-48279 |
A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Log... |
|
2024-10-15 |
View Details |
| CVE-2024-9980 |
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote ... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-21233 |
Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported versions t... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-48278 |
Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to Cross Site Requ... |
|
2024-10-15 |
View Details |
| CVE-2024-47874 |
Starlette is an Asynchronous Server Gateway Interface (ASGI) framework/toolkit. Prior to version 0.4... |
|
2024-10-15 |
View Details |
| CVE-2024-9837 |
The The AADMY – Add Auto Date Month Year Into Posts plugin for WordPress is vulnerable to arbitrar... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-21232 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). ... |
LOW |
2024-10-15 |
View Details |
| CVE-2024-9976 |
A vulnerability classified as critical has been found in code-projects Pharmacy Management System 1.... |
CRITICAL |
2024-10-15 |
View Details |
| CVE-2024-9972 |
Property Management System from ChanGate has a SQL Injection vulnerability, allowing unauthenticated... |
CRITICAL |
2024-10-15 |
View Details |
| CVE-2024-21231 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported v... |
LOW |
2024-10-15 |
View Details |
| CVE-2024-9975 |
A vulnerability was found in SourceCodester Drag and Drop Image Upload 1.0. It has been rated as cri... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-47876 |
Sakai is a Collaboration and Learning Environment. Starting in version 23.0 and prior to version 23.... |
|
2024-10-15 |
View Details |
| CVE-2024-46898 |
SHIRASAGI prior to v1.19.1 processes URLs in HTTP requests improperly, resulting in a path traversal... |
|
2024-10-15 |
View Details |
| CVE-2024-21230 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-49388 |
Sensitive information manipulation due to improper authorization. The following products are affecte... |
CRITICAL |
2024-10-15 |
View Details |
| CVE-2024-9944 |
The WooCommerce plugin for WordPress is vulnerable to HTML Injection in all versions up to, and incl... |
|
2024-10-15 |
View Details |
| CVE-2024-21219 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versi... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-49387 |
Cleartext transmission of sensitive information in acep-collector service. The following products ar... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-10004 |
Opening an external link to an HTTP website when Firefox iOS was previously closed and had an HTTPS ... |
|
2024-10-15 |
View Details |
| CVE-2024-0129 |
NVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal... |
|
2024-10-15 |
View Details |
| CVE-2024-21218 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-49384 |
Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-21535 |
Versions of the package markdown-to-jsx before 7.4.0 are vulnerable to Cross-site Scripting (XSS) vi... |
|
2024-10-15 |
View Details |
| CVE-2024-21217 |
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ... |
LOW |
2024-10-15 |
View Details |
| CVE-2024-49383 |
Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The ... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-9971 |
The specific query functionality in the FlowMaster BPM Plus from NewType does not properly restrict ... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-21216 |
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). ... |
|
2024-10-15 |
View Details |
| CVE-2024-49382 |
Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-45271 |
An unauthenticated local attacker can gain admin privileges by deploying a config file due to improp... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-9970 |
The FlowMaster BPM Plus system from NewType has a privilege escalation vulnerability. Remote attacke... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-21215 |
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). ... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-47674 |
In the Linux kernel, the following vulnerability has been resolved:
mm: avoid leaving partial pfn m... |
|
2024-10-15 |
View Details |
| CVE-2024-45272 |
An unauthenticated remote attacker can perform a brute-force attack on the credentials of the remote... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-9925 |
SQL injection vulnerability in TAI Smart Factory's QPLANT SF version 1.0. Exploitation of this vulne... |
|
2024-10-15 |
View Details |
| CVE-2024-9969 |
NewType WebEIP v3.0 does not properly validate user input, allowing a remote attacker with regular p... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-21214 |
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Quer... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-45276 |
An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to missi... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-45273 |
An unauthenticated local attacker can decrypt the devices config file and therefore compromise the d... |
HIGH |
2024-10-15 |
View Details |
| CVE-2024-9968 |
WebEIP v3.0 from
NewType does not properly validate user input, allowing remote attackers with re... |
|
2024-10-15 |
View Details |
| CVE-2024-21213 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t... |
MEDIUM |
2024-10-15 |
View Details |
| CVE-2024-45275 |
The devices contain two hard coded user accounts with hardcoded passwords that allow an unauthentica... |
|
2024-10-15 |
View Details |
| CVE-2024-45274 |
An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing auth... |
CRITICAL |
2024-10-15 |
View Details |