|
313561
|
2.7 |
LOW
Network
|
sap
|
netweaver_application_server_abap
|
SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to execute a program that reveals data over the network. This results in a minimal impact on confidentiali…
|
CWE-863
Incorrect Authorization
|
CVE-2024-44114
|
2024-09-16 23:09 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313562
|
5.4 |
MEDIUM
Network
|
jayesh
|
online_exam_system
|
A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin/afeedback.php" in Kashipara Online Exam System v1.0, which allows remote attackers to execute arbitrary code via "rname" and "em…
|
CWE-79
Cross-site Scripting
|
CVE-2024-40478
|
2024-09-16 22:46 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313563
|
8.8 |
HIGH
Network
|
elastic
|
kibana
|
A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. This issue only affects users that use Elastic Secu…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-37288
|
2024-09-16 22:29 |
2024-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313564
|
6.1 |
MEDIUM
Network
|
uniong
|
webitr
|
WebITR from Uniong has an Open Redirect vulnerability, which allows unauthorized remote attackers to exploit this vulnerability to forge URLs. Users, believing they are accessing a trusted domain, ca…
|
CWE-601
Open Redirect
|
CVE-2024-8586
|
2024-09-16 22:28 |
2024-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313565
|
4.3 |
MEDIUM
Network
|
istyle
|
\@cosme
|
Improper authorization in handler for custom URL scheme issue in "@cosme" App for Android versions prior 5.69.0 and "@cosme" App for iOS versions prior to 6.74.0 allows an attacker to lead a user to …
|
NVD-CWE-noinfo
|
CVE-2024-45203
|
2024-09-16 22:27 |
2024-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313566
|
9.8 |
CRITICAL
Network
|
project_team
|
tmall_demo
|
A vulnerability, which was classified as critical, was found in Mini-Tmall up to 20240901. Affected is the function rewardMapper.select of the file tmall/admin/order/1/1. The manipulation of the argu…
|
CWE-89
SQL Injection
|
CVE-2024-8568
|
2024-09-16 22:22 |
2024-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313567
|
4.8 |
MEDIUM
Network
|
anujk305
|
bus_pass_management_system
|
phpgurukul Bus Pass Management System 1.0 is vulnerable to Cross-site scripting (XSS) in /admin/pass-bwdates-reports-details.php via fromdate and todate parameters.
|
CWE-79
Cross-site Scripting
|
CVE-2024-44798
|
2024-09-16 22:19 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313568
|
7.8 |
HIGH
Local
|
adobe
|
illustrator
|
Illustrator versions 28.6, 27.9.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user.…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2024-41857
|
2024-09-16 22:18 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313569
|
5.5 |
MEDIUM
Local
|
adobe
|
premiere_pro
|
Premiere Pro versions 24.5, 23.6.8 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypas…
|
CWE-416
Use After Free
|
CVE-2024-39385
|
2024-09-16 22:12 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313570
|
7.8 |
HIGH
Local
|
adobe
|
premiere_pro
|
Premiere Pro versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of t…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-39384
|
2024-09-16 22:01 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
