| CVE-2024-7847 |
VULNERABILITY DETAILS
Rockwell Automation used the latest versions of the CVSS scoring system to as... |
|
2024-10-14 |
View Details |
| CVE-2024-45741 |
In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.240... |
|
2024-10-14 |
View Details |
| CVE-2024-48251 |
Wavelog 1.8.5 allows Activated_gridmap_model.php get_band_confirmed SQL injection via band, sat, pro... |
|
2024-10-14 |
View Details |
| CVE-2024-48255 |
Cloudlog 2.6.15 allows Oqrs.php get_station_info station_id SQL injection.... |
CRITICAL |
2024-10-14 |
View Details |
| CVE-2024-45740 |
In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.240... |
|
2024-10-14 |
View Details |
| CVE-2024-48253 |
Cloudlog 2.6.15 allows Oqrs.php delete_oqrs_line id SQL injection.... |
|
2024-10-14 |
View Details |
| CVE-2024-48253 |
Cloudlog 2.6.15 allows Oqrs.php delete_oqrs_line id SQL injection.... |
CRITICAL |
2024-10-14 |
View Details |
| CVE-2024-45739 |
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaint... |
|
2024-10-14 |
View Details |
| CVE-2024-48255 |
Cloudlog 2.6.15 allows Oqrs.php get_station_info station_id SQL injection.... |
|
2024-10-14 |
View Details |
| CVE-2024-48120 |
X2CRM v8.5 is vulnerable to a stored Cross-Site Scripting (XSS) in the "Opportunities" module. An at... |
|
2024-10-14 |
View Details |
| CVE-2024-45738 |
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes sensit... |
|
2024-10-14 |
View Details |
| CVE-2024-48257 |
Wavelog 1.8.5 allows Oqrs_model.php get_worked_modes station_id SQL injectioin.... |
|
2024-10-14 |
View Details |
| CVE-2024-6207 |
CVE 2021-22681 https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.PN... |
|
2024-10-14 |
View Details |
| CVE-2024-48119 |
Vtiger CRM v8.2.0 has a HTML Injection vulnerability in the module parameter. Authenticated users ca... |
|
2024-10-14 |
View Details |
| CVE-2024-45737 |
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below... |
LOW |
2024-10-14 |
View Details |
| CVE-2024-48259 |
Cloudlog 2.6.15 allows Oqrs.php request_form SQL injection via station_id or callsign.... |
|
2024-10-14 |
View Details |
| CVE-2024-9139 |
The affected product permits OS command injection through improperly restricted commands, potentiall... |
|
2024-10-14 |
View Details |
| CVE-2024-45736 |
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below... |
MEDIUM |
2024-10-14 |
View Details |
| CVE-2024-9137 |
The affected product lacks an authentication check when sending commands to the server via the Moxa ... |
|
2024-10-14 |
View Details |
| CVE-2024-45735 |
In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cl... |
MEDIUM |
2024-10-14 |
View Details |
| CVE-2024-48261 |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-48251. Reason: This candidat... |
|
2024-10-14 |
View Details |
| CVE-2024-46911 |
Cross-site Resource Forgery (CSRF), Privilege escalation vulnerability in Apache Roller. On multi-bl... |
|
2024-10-14 |
View Details |
| CVE-2024-45734 |
In Splunk Enterprise versions 9.3.0, 9.2.3, and 9.1.6, a low-privileged user that does not hold the ... |
MEDIUM |
2024-10-14 |
View Details |
| CVE-2024-43701 |
Software installed and run as a non-privileged user may conduct GPU system calls to read and write f... |
|
2024-10-14 |
View Details |
| CVE-2024-45733 |
In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does not... |
HIGH |
2024-10-14 |
View Details |
| CVE-2024-38863 |
Exposure of CSRF tokens in query parameters on specific requests in Checkmk GmbH's Checkmk versions ... |
|
2024-10-14 |
View Details |
| CVE-2024-45732 |
In Splunk Enterprise versions below 9.3.1, and 9.2.0 versions below 9.2.3, and Splunk Cloud Platform... |
|
2024-10-14 |
View Details |
| CVE-2024-38862 |
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.... |
|
2024-10-14 |
View Details |
| CVE-2024-45731 |
In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user that ... |
|
2024-10-14 |
View Details |
| CVE-2024-9924 |
The fix for CVE-2024-26261 was incomplete, and and the specific package for OAKlouds from Hgiga rema... |
CRITICAL |
2024-10-14 |
View Details |
| CVE-2024-8184 |
There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploit... |
|
2024-10-14 |
View Details |
| CVE-2024-9923 |
The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing re... |
MEDIUM |
2024-10-14 |
View Details |
| CVE-2024-6763 |
Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It inclu... |
|
2024-10-14 |
View Details |
| CVE-2024-49214 |
QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a ... |
|
2024-10-14 |
View Details |
| CVE-2024-6762 |
Jetty PushSessionCacheFilter can be exploited by unauthenticated users
to launch remote DoS attacks... |
|
2024-10-14 |
View Details |
| CVE-2024-30117 |
A dynamic search for a prerequisite library could allow the possibility for an attacker to replace t... |
|
2024-10-14 |
View Details |
| CVE-2024-9922 |
The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing un... |
HIGH |
2024-10-14 |
View Details |
| CVE-2024-48153 |
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and ex... |
|
2024-10-14 |
View Details |
| CVE-2024-9921 |
The Team+ from TEAMPLUS TECHNOLOGY does not properly validate specific page parameter, allowing unau... |
CRITICAL |
2024-10-14 |
View Details |
| CVE-2024-48150 |
D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the sub_451208 function.... |
|
2024-10-14 |
View Details |
| CVE-2024-41997 |
An issue was discovered in version of Warp Terminal prior to 2024.07.18 (v0.2024.07.16.08.02). A com... |
|
2024-10-14 |
View Details |
| CVE-2023-50780 |
Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which a... |
HIGH |
2024-10-14 |
View Details |
| CVE-2024-9823 |
There exists a security vulnerability in Jetty's DosFilter which can be exploited by unauthorized us... |
|
2024-10-14 |
View Details |
| CVE-2024-48261 |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-48251. Reason: This candidat... |
|
2024-10-14 |
View Details |
| CVE-2024-48259 |
Cloudlog 2.6.15 allows Oqrs.php request_form SQL injection via station_id or callsign.... |
|
2024-10-14 |
View Details |
| CVE-2024-48257 |
Wavelog 1.8.5 allows Oqrs_model.php get_worked_modes station_id SQL injectioin.... |
CRITICAL |
2024-10-14 |
View Details |
| CVE-2024-48251 |
Wavelog 1.8.5 allows Activated_gridmap_model.php get_band_confirmed SQL injection via band, sat, pro... |
CRITICAL |
2024-10-14 |
View Details |
| CVE-2024-48249 |
Wavelog 1.8.5 allows Gridmap_model.php get_band_confirmed SQL injection via band, sat, propagation, ... |
|
2024-10-14 |
View Details |
| CVE-2024-40616 |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... |
|
2024-10-14 |
View Details |
| CVE-2024-9936 |
When manipulating the selection node cache, an attacker may have been able to cause unexpected behav... |
|
2024-10-14 |
View Details |