|
309211
|
4.9 |
MEDIUM
Network
|
jpress
|
jpress
|
A vulnerability has been found in jpress up to 5.1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/template/edit of the component Template …
|
CWE-22
Path Traversal
|
CVE-2024-8304
|
2024-09-20 02:39 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309212
|
6.5 |
MEDIUM
Network
|
openzeppelin
|
contracts
|
Cairo-Contracts are OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup. This vulnerability can lead to unauthorized ownership transfer, contrary to the original owner's i…
|
CWE-670
Always-Incorrect Control Flow Implementation
|
CVE-2024-45304
|
2024-09-20 02:26 |
2024-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309213
|
4.3 |
MEDIUM
Network
|
teamviewer
|
meeting
teamviewer
|
Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the cl…
|
NVD-CWE-Other
|
CVE-2024-6053
|
2024-09-20 02:22 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309214
|
5.3 |
MEDIUM
Network
|
shedaniel
|
roughlyenoughitems
|
Roughly Enough Items (REI) v.16.0.729 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index…
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-42698
|
2024-09-20 01:29 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309215
|
5.3 |
MEDIUM
Network
|
mezz
|
justenoughitems
|
JustEnoughItems (JEI) 19.5.0.33 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index in JE…
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-41565
|
2024-09-20 01:19 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309216
|
7.3 |
HIGH
Local
|
openpolicyagent
|
open_policy_agent
|
A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrar…
|
CWE-294
Authentication Bypass by Capture-replay
|
CVE-2024-8260
|
2024-09-20 01:08 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309217
|
4.6 |
MEDIUM
Physics
|
ibm
|
maas360_mdm
|
IBM MaaS360 for Android 6.31 through 8.60 is using hard coded credentials that can be obtained by a user with physical access to the device.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-35118
|
2024-09-20 00:53 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309218
|
8.1 |
HIGH
Network
|
zohocorp
|
manageengine_exchange_reporter_plus
|
Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection in the reports module.
|
CWE-89
SQL Injection
|
CVE-2024-6204
|
2024-09-20 00:41 |
2024-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309219
|
8.1 |
HIGH
Network
|
master-nan
|
sweet-cms
|
A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. It has been rated as problematic. This issue affects the function LogHandler of the file middleware/l…
|
CWE-117
Improper Output Neutralization for Logs
|
CVE-2024-8334
|
2024-09-20 00:39 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309220
|
9.8 |
CRITICAL
Network
|
openrapid
|
rapidcms
|
A vulnerability classified as critical has been found in OpenRapid RapidCMS up to 1.3.1. Affected is an unknown function of the file /resource/runlogon.php. The manipulation of the argument username …
|
CWE-89
SQL Injection
|
CVE-2024-8335
|
2024-09-20 00:31 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
