CVE-2024-22034 |
Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This a... |
|
2024-10-16 |
View Details |
CVE-2024-45796 |
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security M... |
|
2024-10-16 |
View Details |
CVE-2024-8541 |
The Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts, Bulk Discount, ... |
MEDIUM |
2024-10-16 |
View Details |
CVE-2024-22033 |
The OBS service obs-service-download_url was vulnerable to a command injection vulnerability. The at... |
|
2024-10-16 |
View Details |
CVE-2024-45795 |
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security M... |
|
2024-10-16 |
View Details |
CVE-2024-49340 |
IBM Watson Studio Local 1.2.3 is vulnerable to cross-site request forgery which could allow an attac... |
MEDIUM |
2024-10-16 |
View Details |
CVE-2024-22032 |
A vulnerability has been identified in which an RKE1 cluster keeps constantly reconciling when secr... |
|
2024-10-16 |
View Details |
CVE-2024-41128 |
Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 an... |
|
2024-10-16 |
View Details |
CVE-2024-22030 |
A vulnerability has been identified within Rancher that can be exploited in narrow circumstances th... |
|
2024-10-16 |
View Details |
CVE-2024-9143 |
Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit values for t... |
|
2024-10-16 |
View Details |
CVE-2024-22029 |
Insecure permissions in the packaging of tomcat allow local users that win a race during package ins... |
|
2024-10-16 |
View Details |
CVE-2024-4692 |
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Au... |
|
2024-10-16 |
View Details |
CVE-2023-32189 |
Insecure handling of ssh keys used to bootstrap clients allows local attackers to potentially gain a... |
|
2024-10-16 |
View Details |
CVE-2024-4690 |
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automati... |
|
2024-10-16 |
View Details |
CVE-2024-49271 |
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Unlimited E... |
|
2024-10-16 |
View Details |
CVE-2024-9634 |
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Ob... |
CRITICAL |
2024-10-16 |
View Details |
CVE-2024-4211 |
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Au... |
|
2024-10-16 |
View Details |
CVE-2024-49257 |
Unrestricted Upload of File with Dangerous Type vulnerability in Denis Azz Anonim Posting allows Upl... |
|
2024-10-16 |
View Details |
CVE-2024-9647 |
The Kama SpamBlock plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_POST v... |
MEDIUM |
2024-10-16 |
View Details |
CVE-2024-4189 |
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automati... |
|
2024-10-16 |
View Details |
CVE-2024-49247 |
Authentication Bypass Using an Alternate Path or Channel vulnerability in sooskriszta, webforza Bu... |
|
2024-10-16 |
View Details |
CVE-2024-9649 |
The WP ULike – The Ultimate Engagement Toolkit for Websites plugin for WordPress is vulnerable to ... |
MEDIUM |
2024-10-16 |
View Details |
CVE-2024-4184 |
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automati... |
|
2024-10-16 |
View Details |
CVE-2024-48042 |
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic Con... |
|
2024-10-16 |
View Details |
CVE-2024-9652 |
The Locatoraid Store Locator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting vi... |
MEDIUM |
2024-10-16 |
View Details |
CVE-2024-46606 |
A cross-site scripting (XSS) vulnerability in the component /admin.php?page=photo of Piwigo v14.5.0 ... |
|
2024-10-16 |
View Details |
CVE-2024-10024 |
A vulnerability, which was classified as critical, has been found in code-projects Pharmacy Manageme... |
|
2024-10-16 |
View Details |
CVE-2024-9104 |
The UltimateAI plugin for WordPress is vulnerable to authentication bypass in all versions up to, an... |
MEDIUM |
2024-10-16 |
View Details |
CVE-2024-46605 |
A cross-site scripting (XSS) vulnerability in the component /admin.php?page=album of Piwigo v14.5.0 ... |
|
2024-10-16 |
View Details |
CVE-2024-10023 |
A vulnerability classified as critical was found in code-projects Pharmacy Management System 1.0. Th... |
|
2024-10-16 |
View Details |
CVE-2024-9105 |
The UltimateAI plugin for WordPress is vulnerable to authentication bypass in versions up to, and in... |
CRITICAL |
2024-10-16 |
View Details |
CVE-2024-45072 |
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection (XXE)... |
MEDIUM |
2024-10-16 |
View Details |
CVE-2023-32196 |
A vulnerability has been identified whereby privilege escalation checks are not properly enforced fo... |
|
2024-10-16 |
View Details |
CVE-2024-7994 |
A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based Buffer O... |
|
2024-10-16 |
View Details |
CVE-2024-45071 |
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This vuln... |
MEDIUM |
2024-10-16 |
View Details |
CVE-2023-32194 |
A vulnerability has been identified when granting a create or * global role for a resource type of "... |
|
2024-10-16 |
View Details |
CVE-2024-7993 |
A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write... |
|
2024-10-16 |
View Details |
CVE-2024-38814 |
An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A mali... |
|
2024-10-16 |
View Details |
CVE-2023-32193 |
A vulnerability has been identified in which unauthenticated cross-site scripting (XSS) in Norman's... |
|
2024-10-16 |
View Details |
CVE-2024-48918 |
RDS Light is a simplified version of the Reflective Dialogue System (RDS), a self-reflecting AI fram... |
|
2024-10-16 |
View Details |
CVE-2024-20512 |
A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Por... |
|
2024-10-16 |
View Details |
CVE-2023-32192 |
A vulnerability has been identified in which unauthenticated cross-site scripting (XSS) in the API ... |
|
2024-10-16 |
View Details |
CVE-2024-48758 |
dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the addPro para... |
|
2024-10-16 |
View Details |
CVE-2024-20463 |
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapt... |
|
2024-10-16 |
View Details |
CVE-2023-32191 |
When RKE provisions a cluster, it stores the cluster state in a configmap called `full-cluster-state... |
|
2024-10-16 |
View Details |
CVE-2024-48180 |
ClassCMS <=4.8 is vulnerable to file inclusion in the nowView method in /class/cms/cms.php, which can... |
|
2024-10-16 |
View Details |
CVE-2024-20462 |
A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform Analog T... |
|
2024-10-16 |
View Details |
CVE-2020-36841 |
The WooCommerce Smart Coupons plugin for WordPress is vulnerable to authorization bypass due to a mi... |
MEDIUM |
2024-10-16 |
View Details |
CVE-2024-47889 |
Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior... |
|
2024-10-16 |
View Details |
CVE-2024-20461 |
A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could allo... |
|
2024-10-16 |
View Details |