|
309231
|
5.4 |
MEDIUM
Network
|
connx
|
esp_hr_management
|
Improper Neutralization of Input During Web Page Generation vulnerability in "Update of Personal Details" form in ConnX ESP HR Management allows Stored XSS attack. An attacker might inject a script t…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7269
|
2024-09-19 23:37 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309232
|
7.5 |
HIGH
Network
|
rockwellautomation
|
compactlogix_5380_firmware
compact_guardlogix_5380_sil_2_firmware
compact_guardlogix_5380_sil_3_firmware
compactlogix_5480_firmware
controllogix_5580_firmware
guardlogix_5580_firmware<…
|
A denial-of-service vulnerability exists in the Rockwell Automation affected products when specially crafted packets are sent to the CIP Security Object. If exploited the device will become unavailab…
|
NVD-CWE-noinfo
|
CVE-2024-6077
|
2024-09-19 23:31 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309233
|
9.8 |
CRITICAL
Network
|
soplanning
|
soplanning
|
A unauthenticated Remote Code Execution (RCE) vulnerability is found in the SO Planning online planning tool. If the public view setting is enabled, a attacker can upload a PHP-file that will be avai…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2024-27114
|
2024-09-19 23:27 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309234
|
6.1 |
MEDIUM
Network
|
microfocus
|
edirectory
|
Possible
Improper Neutralization of Input During Web Page Generation Vulnerability
in eDirectory has been discovered in
OpenText™ eDirectory 9.2.3.0000.
|
CWE-79
Cross-site Scripting
|
CVE-2021-22503
|
2024-09-19 23:25 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309235
|
9.1 |
CRITICAL
Network
|
microfocus
|
edirectory
|
Possible Insertion of Sensitive Information into Log File Vulnerability
in eDirectory has been discovered in
OpenText™ eDirectory 9.2.4.0000.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2021-22533
|
2024-09-19 23:24 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309236
|
7.5 |
HIGH
Network
|
microfocus
|
edirectory
|
Possible NLDAP Denial of Service attack Vulnerability
in eDirectory has been discovered in
OpenText™
eDirectory before 9.2.4.0000.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-22532
|
2024-09-19 23:22 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309237
|
7.5 |
HIGH
Network
|
cisco
|
smart_license_utility
|
A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to access sensitive information.
This vulnerability is due to excessive verbosity in a debug log fi…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-20440
|
2024-09-19 22:42 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309238
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
libfs: fix infinite directory reads for offset dir
After we switch tmpfs dir operations from simple_dir_operations to
simple_offs…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2024-46701
|
2024-09-19 22:40 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309239
|
5.4 |
MEDIUM
Network
|
share_this_image_project
|
share_this_image
|
The Share This Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'alignment' parameter in all versions up to, and including, 2.01 due to insufficient input sanitization …
|
CWE-79
Cross-site Scripting
|
CVE-2024-8108
|
2024-09-19 22:37 |
2024-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309240
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
thunderbolt: Mark XDomain as unplugged when router is removed
I noticed that when we do discrete host router NVM upgrade and it g…
|
NVD-CWE-noinfo
|
CVE-2024-46702
|
2024-09-19 22:35 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
