| CVE-2024-8040 |
An authorization bypass through user-controlled key vulnerability affecting 3DSwym in 3DSwymer on Re... |
|
2024-10-16 |
View Details |
| CVE-2024-47888 |
Action Text brings rich text content and editing to Rails. Starting in version 6.0.0 and prior to ve... |
|
2024-10-16 |
View Details |
| CVE-2024-20460 |
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapt... |
|
2024-10-16 |
View Details |
| CVE-2024-6380 |
A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovat... |
|
2024-10-16 |
View Details |
| CVE-2024-46213 |
REDAXO CMS v2.11.0 was discovered to contain a remote code execution (RCE) vulnerability.... |
|
2024-10-16 |
View Details |
| CVE-2024-20459 |
A vulnerability in the web-based management interface of Cisco ATA 190 Multiplatform Series Analog T... |
|
2024-10-16 |
View Details |
| CVE-2024-10022 |
A vulnerability classified as critical has been found in code-projects Pharmacy Management System 1.... |
|
2024-10-16 |
View Details |
| CVE-2024-46212 |
An issue in the component /index.php?page=backup/export of REDAXO CMS v5.17.1 allows attackers to ex... |
|
2024-10-16 |
View Details |
| CVE-2024-20458 |
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapt... |
|
2024-10-16 |
View Details |
| CVE-2024-10021 |
A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been rated as crit... |
|
2024-10-16 |
View Details |
| CVE-2024-44762 |
A discrepancy in error messages for invalid login attempts in Webmin Usermin v2.100 allows attackers... |
|
2024-10-16 |
View Details |
| CVE-2024-20421 |
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapt... |
|
2024-10-16 |
View Details |
| CVE-2023-32190 |
mlocate's %post script allows RUN_UPDATEDB_AS user to make arbitrary files world readable by abusing... |
|
2024-10-16 |
View Details |
| CVE-2024-47887 |
Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 an... |
|
2024-10-16 |
View Details |
| CVE-2024-20420 |
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapt... |
|
2024-10-16 |
View Details |
| CVE-2024-8921 |
The Zita Elementor Site Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting vi... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2024-47836 |
Admidio is an open-source user management solution. Prior to version 4.3.12, an unsafe deserializati... |
|
2024-10-16 |
View Details |
| CVE-2024-20280 |
A vulnerability in the backup feature of Cisco UCS Central Software could allow an attacker with acc... |
|
2024-10-16 |
View Details |
| CVE-2024-9444 |
The ElementsReady Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scrip... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2024-47522 |
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security M... |
|
2024-10-16 |
View Details |
| CVE-2024-10033 |
A vulnerability was found in aap-gateway. A Cross-site Scripting (XSS) vulnerability exists in the g... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2024-9858 |
There exists an insecure default user permission in Google Cloud Migrate to containers from version ... |
|
2024-10-16 |
View Details |
| CVE-2024-47188 |
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security M... |
|
2024-10-16 |
View Details |
| CVE-2023-32266 |
Untrusted Search Path vulnerability in OpenText™ Application Lifecycle Management (ALM),Quality Ce... |
|
2024-10-16 |
View Details |
| CVE-2023-32188 |
A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and AP... |
|
2024-10-16 |
View Details |
| CVE-2024-47187 |
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security M... |
|
2024-10-16 |
View Details |
| CVE-2024-49265 |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab... |
|
2024-10-16 |
View Details |
| CVE-2023-22650 |
A vulnerability has been identified in which Rancher does not automatically clean up a user which ha... |
|
2024-10-16 |
View Details |
| CVE-2024-45797 |
LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Prior to ve... |
|
2024-10-16 |
View Details |
| CVE-2024-29155 |
On Microchip RN4870 devices, when more than one consecutive PairReqNoInputNoOutput request is
recei... |
|
2024-10-16 |
View Details |
| CVE-2024-9540 |
The Sina Extension for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposur... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2024-45796 |
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security M... |
|
2024-10-16 |
View Details |
| CVE-2024-9348 |
Docker Desktop before v4.34.3 allows RCE via unsanitized GitHub source link in Build view.... |
|
2024-10-16 |
View Details |
| CVE-2024-9061 |
The The WP Popup Builder – Popup Forms and Marketing Lead Generation plugin for WordPress is vulne... |
HIGH |
2024-10-16 |
View Details |
| CVE-2024-45795 |
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security M... |
|
2024-10-16 |
View Details |
| CVE-2024-49268 |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab... |
|
2024-10-16 |
View Details |
| CVE-2024-45715 |
The SolarWinds Platform was susceptible to a Cross-Site Scripting vulnerability when performing an e... |
HIGH |
2024-10-16 |
View Details |
| CVE-2024-41128 |
Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 an... |
|
2024-10-16 |
View Details |
| CVE-2024-49267 |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab... |
|
2024-10-16 |
View Details |
| CVE-2024-45714 |
Application is vulnerable to Cross Site Scripting (XSS) an authenticated attacker with users’ perm... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2024-9143 |
Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted
explicit values for t... |
|
2024-10-16 |
View Details |
| CVE-2024-49266 |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab... |
|
2024-10-16 |
View Details |
| CVE-2024-45711 |
SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution... |
HIGH |
2024-10-16 |
View Details |
| CVE-2024-4692 |
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Au... |
|
2024-10-16 |
View Details |
| CVE-2024-48744 |
A Reflected Cross Site Scripting (XSS) vulnerability was found in /trms/listed- teachers.php in PHPG... |
|
2024-10-16 |
View Details |
| CVE-2024-45710 |
SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local Privilege Escalation... |
|
2024-10-16 |
View Details |
| CVE-2024-4690 |
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automati... |
|
2024-10-16 |
View Details |
| CVE-2024-47139 |
A stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IQ Config... |
|
2024-10-16 |
View Details |
| CVE-2024-45693 |
Users logged into the Apache CloudStack's web interface can be tricked to submit malicious CSRF requ... |
|
2024-10-16 |
View Details |
| CVE-2024-4211 |
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Au... |
|
2024-10-16 |
View Details |