|
251571
|
4.3 |
MEDIUM
Network
|
splunk
|
splunk
|
In Splunk Enterprise versions 9.3.0, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could view images on the machine that runs Splunk Enterprise by usi…
|
NVD-CWE-noinfo
|
CVE-2024-45734
|
2024-10-17 07:20 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251572
|
6.5 |
MEDIUM
Network
|
splunk
|
splunk
splunk_cloud_platform
|
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.107, 9.1.2312.204, and 9.1.2312.111, a low-privileged user that does not hold the "admin"…
|
NVD-CWE-noinfo
|
CVE-2024-45736
|
2024-10-17 07:19 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251573
|
3.5 |
LOW
Network
|
splunk
|
splunk
splunk_cloud_platform
|
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108, and 9.1.2312.204, a low-privileged user that does not hold the "admin" or "power" Sp…
|
CWE-352
Origin Validation Error
|
CVE-2024-45737
|
2024-10-17 07:18 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251574
|
7.5 |
HIGH
Network
|
-
|
-
|
An Out-of-Bounds Read vulnerability in
the routing protocol daemon (rpd) of
Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker sending a specifically …
|
CWE-125
Out-of-bounds Read
|
CVE-2024-39516
|
2024-10-17 07:15 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251575
|
8.8 |
HIGH
Network
|
blood_bank_system_project
|
blood_bank_system
|
A vulnerability, which was classified as critical, was found in code-projects Blood Bank System 1.0. Affected is an unknown function of the file reset.php. The manipulation of the argument useremail …
|
CWE-89
SQL Injection
|
CVE-2024-9894
|
2024-10-17 07:13 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251576
|
5.4 |
MEDIUM
Network
|
oretnom23
|
online_eyewear_shop
|
A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear Shop 1.0. Affected is an unknown function of the file /admin/?page=inventory/view_inventory&id=2. The …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9906
|
2024-10-17 07:12 |
2024-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251577
|
8.8 |
HIGH
Network
|
oretnom23
|
online_eyewear_shop
|
A vulnerability, which was classified as critical, has been found in SourceCodester Online Eyewear Shop 1.0. This issue affects some unknown processing of the file /admin/?page=inventory/view_invento…
|
CWE-89
SQL Injection
|
CVE-2024-9905
|
2024-10-17 07:12 |
2024-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251578
|
9.8 |
CRITICAL
Network
|
usualtool
|
usualtoolcms
|
A vulnerability, which was classified as critical, has been found in HuangDou UTCMS V9. Affected by this issue is some unknown functionality of the file app/modules/ut-cac/admin/cli.php. The manipula…
|
CWE-78
OS Command
|
CVE-2024-9916
|
2024-10-17 07:11 |
2024-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251579
|
9.8 |
CRITICAL
Network
|
ragic
|
enterprise_cloud_database
|
Enterprise Cloud Database from Ragic does not authenticate access to specific functionality, allowing unauthenticated remote attackers to use this functionality to obtain any user's session cookie.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-9984
|
2024-10-17 07:03 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251580
|
7.5 |
HIGH
Network
|
ragic
|
enterprise_cloud_database
|
Enterprise Cloud Database from Ragic does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files.
|
CWE-22
Path Traversal
|
CVE-2024-9983
|
2024-10-17 07:03 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
