|
310531
|
8.1 |
HIGH
Network
|
shilpisoft
|
client_dashboard
|
This vulnerability exists in Shilpi Client Dashboard due to implementation of inadequate authentication mechanism in the login module wherein access to any users account is granted with just their co…
|
NVD-CWE-Other
|
CVE-2024-47652
|
2024-10-16 23:12 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310532
|
5.7 |
MEDIUM
Network
|
enalean
|
tuleap
|
Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.40, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2024-46988
|
2024-10-16 23:07 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310533
|
5.4 |
MEDIUM
Network
|
ultimatemember
|
ultimate_member
|
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's '…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8519
|
2024-10-16 23:06 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310534
|
4.8 |
MEDIUM
Network
|
enalean
|
tuleap
|
Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15…
|
CWE-79
Cross-site Scripting
|
CVE-2024-46980
|
2024-10-16 23:05 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310535
|
7.5 |
HIGH
Network
|
acronis
|
cyber_protect
|
Cleartext transmission of sensitive information in acep-collector service. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2024-49387
|
2024-10-16 22:58 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310536
|
9.1 |
CRITICAL
Network
|
acronis
|
cyber_protect
|
Sensitive information manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-49388
|
2024-10-16 22:57 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310537
|
4.3 |
MEDIUM
Adjacent
|
acronis
|
cyber_protect
|
Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
|
NVD-CWE-Other
|
CVE-2024-49383
|
2024-10-16 22:53 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310538
|
4.3 |
MEDIUM
Adjacent
|
acronis
|
cyber_protect
|
Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
|
NVD-CWE-Other
|
CVE-2024-49382
|
2024-10-16 22:53 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310539
|
4.3 |
MEDIUM
Adjacent
|
acronis
|
cyber_protect
|
Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
|
NVD-CWE-Other
|
CVE-2024-49384
|
2024-10-16 22:52 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310540
|
7.8 |
HIGH
Local
|
electronics.jtekt
|
kostac_plc_programming_software
|
Out-of-bounds write vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project f…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-47134
|
2024-10-16 22:50 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
