|
312641
|
2.7 |
LOW
Network
|
adobe
|
commerce
magento
commerce_b2b
|
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker cou…
|
NVD-CWE-Other
|
CVE-2024-45133
|
2024-10-12 07:12 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312642
|
4.3 |
MEDIUM
Network
|
adobe
|
commerce
magento
commerce_b2b
|
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in Privilege escalation. A low-privileged attack…
|
NVD-CWE-noinfo
|
CVE-2024-45129
|
2024-10-12 07:09 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312643
|
4.3 |
MEDIUM
Network
|
adobe
|
commerce
magento
commerce_b2b
|
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged a…
|
NVD-CWE-noinfo
|
CVE-2024-45130
|
2024-10-12 07:08 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312644
|
4.8 |
MEDIUM
Network
|
adobe
|
commerce
magento
commerce_b2b
|
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin attacker to inject malic…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45127
|
2024-10-12 07:06 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312645
|
4.3 |
MEDIUM
Network
|
adobe
|
commerce
magento
commerce_b2b
|
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged a…
|
CWE-863
Incorrect Authorization
|
CVE-2024-45125
|
2024-10-12 07:05 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312646
|
5.3 |
MEDIUM
Network
|
adobe
|
commerce
magento
commerce_b2b
|
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could …
|
NVD-CWE-noinfo
|
CVE-2024-45124
|
2024-10-12 07:05 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312647
|
5.9 |
MEDIUM
Network
|
syracom
|
secure_login
|
The Syracom Secure Login (2FA) plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to easily brute-force the 2FA PIN via the plugins/servlet/twofactor/public/pinvalidat…
|
NVD-CWE-noinfo
|
CVE-2024-48942
|
2024-10-12 06:36 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312648
|
5.4 |
MEDIUM
Network
|
syracom
|
secure_login
|
The Syracom Secure Login (2FA) plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to bypass 2FA by interacting with the /rest endpoint of Jira, Confluence, or Bitbucke…
|
NVD-CWE-noinfo
|
CVE-2024-48941
|
2024-10-12 06:36 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312649
|
- |
|
-
|
-
|
An issue was discovered in Trusted Firmware-M through 2.1.0. User provided (and controlled) mailbox messages contain a pointer to a list of input arguments (in_vec) and output arguments (out_vec). Th…
|
-
|
CVE-2024-45746
|
2024-10-12 06:36 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312650
|
- |
|
-
|
-
|
FydeOS for PC 17.1 R114, FydeOS for VMware 17.0 R114, FydeOS for You 17.1 R114, and OpenFyde R114 were discovered to be configured with the root password saved as a wildcard. This allows attackers to…
|
-
|
CVE-2024-25825
|
2024-10-12 06:36 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
