|
256061
|
6.1 |
MEDIUM
Network
|
friendica
|
friendica
|
Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the location parameter of the calendar event feature.
|
CWE-79
Cross-site Scripting
|
CVE-2024-27729
|
2024-09-12 05:29 |
2024-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256062
|
6.5 |
MEDIUM
Network
|
elastic
|
apm_server
|
APM server logs contain document body from a partially failed bulk index request. For example, in case of unavailable_shards_exception for a specific document, since the ES response line contains the…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-37286
|
2024-09-12 05:20 |
2024-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256063
|
9.8 |
CRITICAL
Network
|
angeljudesuarez
|
airline_reservation_system
|
A vulnerability was found in itsourcecode Airline Reservation System 1.0. It has been rated as critical. Affected by this issue is the function save_settings of the file admin/admin_class.php. The ma…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-7500
|
2024-09-12 05:07 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256064
|
8.8 |
HIGH
Network
|
angeljudesuarez
|
tailoring_management_system
|
A vulnerability has been found in itsourcecode Tailoring Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /setlogo.php. The man…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-7506
|
2024-09-12 05:02 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256065
|
9.8 |
CRITICAL
Network
|
rainniar
|
bike_delivery_system
|
A vulnerability, which was classified as critical, was found in itsourcecode Bike Delivery System 1.0. Affected is an unknown function of the file contact_us_action.php. The manipulation of the argum…
|
CWE-89
SQL Injection
|
CVE-2024-7505
|
2024-09-12 04:53 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256066
|
6.5 |
MEDIUM
Network
|
cybozu
|
office
|
Insertion of sensitive information into sent data issue exists in Cybozu Office 10.0.0 to 10.8.6, which may allow a user who can login to the product to view data that the user does not have access b…
|
NVD-CWE-noinfo
|
CVE-2024-39817
|
2024-09-12 04:36 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256067
|
9.8 |
CRITICAL
Network
|
tenda
|
i22_firmware
|
A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as critical. Affected by this vulnerability is the function formApPortalWebAuth of the file /goform/apPortalAuth. The manipula…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-7585
|
2024-09-12 04:32 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256068
|
9.8 |
CRITICAL
Network
|
tenda
|
i22_firmware
|
A vulnerability, which was classified as critical, was found in Tenda i22 1.0.0.3(4687). Affected is the function formApPortalPhoneAuth of the file /goform/apPortalPhoneAuth. The manipulation of the …
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-7584
|
2024-09-12 04:25 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256069
|
7.8 |
HIGH
Local
|
jetbrains
|
teamcity
|
In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory permissions
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-43114
|
2024-09-12 04:11 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256070
|
5.5 |
MEDIUM
Local
|
huawei
|
emui
harmonyos
|
LaunchAnywhere vulnerability in the account module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
|
NVD-CWE-noinfo
|
CVE-2024-42034
|
2024-09-12 03:55 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
