|
309061
|
5.3 |
MEDIUM
Network
|
emilyploszaj
|
emi
|
EMI v.1.1.10 and before, fixed in v.1.1.11, contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index and …
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-41564
|
2024-09-19 23:40 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309062
|
8.8 |
HIGH
Network
|
zohocorp
|
manageengine_pam360
manageengine_password_manager_pro
|
Zohocorp ManageEngine Password Manager Pro versions before 12431 and ManageEngine PAM360 versions before 7001 are affected by authenticated SQL Injection vulnerability via a global search option.
|
CWE-89
SQL Injection
|
CVE-2024-5546
|
2024-09-19 23:39 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309063
|
5.4 |
MEDIUM
Network
|
connx
|
esp_hr_management
|
Improper Neutralization of Input During Web Page Generation vulnerability in "Update of Personal Details" form in ConnX ESP HR Management allows Stored XSS attack. An attacker might inject a script t…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7269
|
2024-09-19 23:37 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309064
|
7.5 |
HIGH
Network
|
rockwellautomation
|
compactlogix_5380_firmware
compact_guardlogix_5380_sil_2_firmware
compact_guardlogix_5380_sil_3_firmware
compactlogix_5480_firmware
controllogix_5580_firmware
guardlogix_5580_firmware<…
|
A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailab…
|
NVD-CWE-noinfo
|
CVE-2024-6077
|
2024-09-19 23:31 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309065
|
9.8 |
CRITICAL
Network
|
soplanning
|
soplanning
|
A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. If the public view setting is enabled, a attacker can upload a PHP-file that will be avai…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2024-27114
|
2024-09-19 23:27 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309066
|
6.1 |
MEDIUM
Network
|
microfocus
|
edirectory
|
Possible
Improper Neutralization of Input During Web Page Generation Vulnerability
in eDirectory has been discovered in
OpenText™ eDirectory 9.2.3.0000.
|
CWE-79
Cross-site Scripting
|
CVE-2021-22503
|
2024-09-19 23:25 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309067
|
9.1 |
CRITICAL
Network
|
microfocus
|
edirectory
|
Possible Insertion of Sensitive Information into Log File Vulnerability
in eDirectory has been discovered in
OpenText™ eDirectory 9.2.4.0000.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2021-22533
|
2024-09-19 23:24 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309068
|
7.5 |
HIGH
Network
|
microfocus
|
edirectory
|
Possible NLDAP Denial of Service attack Vulnerability
in eDirectory has been discovered in
OpenText™
eDirectory before 9.2.4.0000.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-22532
|
2024-09-19 23:22 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309069
|
7.5 |
HIGH
Network
|
cisco
|
smart_license_utility
|
A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to access sensitive information.
This vulnerability is due to excessive verbosity in a debug log fi…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-20440
|
2024-09-19 22:42 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309070
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
libfs: fix infinite directory reads for offset dir
After we switch tmpfs dir operations from simple_dir_operations to
simple_offs…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2024-46701
|
2024-09-19 22:40 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
