|
308931
|
5.3 |
MEDIUM
Network
|
xwiki
|
xwiki
|
XWiki Platform is a generic wiki platform. The REST API exposes the history of any page in XWiki of which the attacker knows the name. The exposed information includes for each modification of the pa…
|
CWE-862
Missing Authorization
|
CVE-2024-45591
|
2024-09-21 04:55 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308932
|
7.3 |
HIGH
Network
|
fortinet
|
forticlient_enterprise_management_server
|
An improper neutralization of special elements used in a command ('Command Injection') vulnerability [CWE-77] in Fortinet FortiClientEMS 7.2.0 through 7.2.4, 7.0.0 through 7.0.12 may allow an unauthe…
|
CWE-77
Command Injection
|
CVE-2024-33508
|
2024-09-21 04:48 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308933
|
6.5 |
MEDIUM
Network
|
fortinet
|
fortisandbox
|
An exposure of sensitive information to an unauthorized actor in Fortinet FortiSandbox version 4.4.0 through 4.4.4 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.5 and 3.2.2 through 3.2.4 and 3.1.5 al…
|
NVD-CWE-noinfo
|
CVE-2024-31490
|
2024-09-21 04:48 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308934
|
4.6 |
MEDIUM
Physics
|
fortinet
|
forticlient
|
A cleartext storage of sensitive information in memory vulnerability [CWE-316] affecting FortiClient VPN iOS 7.2 all versions, 7.0 all versions, 6.4 all versions, 6.2 all versions, 6.0 all versions m…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-35282
|
2024-09-21 04:44 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308935
|
3.7 |
LOW
Network
|
fortinet
|
fortiadc
|
An improperly implemented security check for standard vulnerability [CWE-358] in FortiADC Web Application Firewall (WAF) 7.4.0 through 7.4.4, 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.2…
|
NVD-CWE-noinfo
|
CVE-2024-36511
|
2024-09-21 04:43 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308936
|
7.1 |
HIGH
Local
|
citrix
|
workspace
|
Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin. A local unauthenticated user with low privilege…
|
CWE-863
Incorrect Authorization
|
CVE-2024-42423
|
2024-09-21 04:42 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308937
|
8.1 |
HIGH
Network
|
fortinet
|
forticlient
|
AAn improper certificate validation vulnerability [CWE-295] in FortiClientWindows 7.2.0 through 7.2.2, 7.0.0 through 7.0.11, FortiClientLinux 7.2.0, 7.0.0 through 7.0.11 and FortiClientMac 7.0.0 thr…
|
CWE-295
Improper Certificate Validation
|
CVE-2024-31489
|
2024-09-21 04:41 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308938
|
9.8 |
CRITICAL
Network
|
sandhillsdev
|
easy_digital_downloads
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Easy Digital Downloads allows SQL Injection.This issue affects Easy Digital Downloads: from n/a t…
|
CWE-89
SQL Injection
|
CVE-2024-5057
|
2024-09-21 04:31 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308939
|
9.8 |
CRITICAL
Network
|
microsoft
|
windows_10_1809
windows_server_2019
windows_server_2022
windows_11_21h2
windows_10_21h2
windows_11_22h2
windows_10_22h2
windows_11_23h2
windows_server_2022_23h2
windows_11_…
|
Windows TCP/IP Remote Code Execution Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-21416
|
2024-09-21 03:55 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308940
|
7.5 |
HIGH
Network
|
sitecore
|
experience_commerce
experience_platform
experience_manager
|
An issue was discovered in Sitecore Experience Platform (XP), Experience Manager (XM), and Experience Commerce (XC) 8.0 Initial Release through 10.4 Initial Release. An unauthenticated attacker can r…
|
NVD-CWE-noinfo
|
CVE-2024-46938
|
2024-09-21 03:15 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
