|
251051
|
3.7 |
LOW
Network
|
-
|
-
|
Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability…
|
-
|
CVE-2024-21210
|
2024-10-31 22:35 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251052
|
3.7 |
LOW
Network
|
-
|
-
|
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java…
|
-
|
CVE-2024-21208
|
2024-10-31 22:35 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251053
|
3.3 |
LOW
Local
|
mongodb
|
mongo_crypt_v1.so
mongocryptd
|
A bug in query analysis of certain complex self-referential $lookup subpipelines may result in literal values in expressions for encrypted fields to be sent to the server as plaintext instead of ciph…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2024-8013
|
2024-10-31 22:33 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251054
|
8.8 |
HIGH
Network
|
priyabratasarkar
|
token_login
|
Authentication Bypass Using an Alternate Path or Channel vulnerability in Priyabrata Sarkar Token Login allows Authentication Bypass.This issue affects Token Login: from n/a through 1.0.3.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-50488
|
2024-10-31 22:19 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251055
|
9.8 |
CRITICAL
Network
|
tareqhasan
|
meetup
|
Authorization Bypass Through User-Controlled Key vulnerability in Meetup allows Privilege Escalation.This issue affects Meetup: from n/a through 0.1.
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-50483
|
2024-10-31 22:12 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251056
|
9.8 |
CRITICAL
Network
|
mansurahamed
|
woocommerce_quote_calculator
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mansur Ahamed Woocommerce Quote Calculator allows Blind SQL Injection.This issue affects Woocomme…
|
CWE-89
SQL Injection
|
CVE-2024-50479
|
2024-10-31 22:02 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251057
|
9.8 |
CRITICAL
Network
|
codezips
|
hospital_appointment_system
|
A vulnerability, which was classified as critical, was found in Codezips Hospital Appointment System 1.0. This affects an unknown part of the file /loginAction.php. The manipulation of the argument U…
|
CWE-89
SQL Injection
|
CVE-2024-10449
|
2024-10-31 21:47 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251058
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
CWE-843
Type Confusion
|
CVE-2024-10230
|
2024-10-31 17:35 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251059
|
9.8 |
CRITICAL
Network
|
swoopnow
|
1-click_login\
|
Authentication Bypass by Primary Weakness vulnerability in Swoop 1-Click Login: Passwordless Authentication allows Authentication Bypass.This issue affects 1-Click Login: Passwordless Authentication:…
|
CWE-287
Improper Authentication
|
CVE-2024-50478
|
2024-10-31 10:44 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251060
|
5.4 |
MEDIUM
Network
|
amilia
|
store
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Martin Drapeau Amilia Store allows Stored XSS.This issue affects Amilia Store: from n/a th…
|
CWE-79
Cross-site Scripting
|
CVE-2024-50472
|
2024-10-31 10:42 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
