|
306801
|
9.8 |
CRITICAL
Network
|
langchain
|
langchain
|
A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain version 0.2.5 allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulatio…
|
CWE-74
Injection
|
CVE-2024-8309
|
2024-11-2 04:19 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306802
|
4.3 |
MEDIUM
Network
|
giuliopanda
|
bulk_images_optimizer
|
The Bulk images optimizer: Resize, optimize, convert to webp, rename … plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_configura…
|
CWE-862
Missing Authorization
|
CVE-2024-9361
|
2024-11-2 03:46 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306803
|
9.8 |
CRITICAL
Network
|
zte
|
wrtm326_firmware
|
The wireless router WRTM326 from SECOM does not properly validate a specific parameter. An unauthenticated remote attacker could execute arbitrary system commands by sending crafted requests.
|
CWE-78
OS Command
|
CVE-2024-10119
|
2024-11-2 03:40 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306804
|
6.5 |
MEDIUM
Network
|
fabianros
|
blood_bank_management_system
|
A vulnerability, which was classified as problematic, has been found in code-projects Blood Bank Management System 1.0. Affected by this issue is some unknown functionality of the file /file/delete.p…
|
CWE-352
Origin Validation Error
|
CVE-2024-10448
|
2024-11-2 03:26 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306805
|
4.3 |
MEDIUM
Network
|
infinite-scroll
|
infinite-scroll
|
The Infinite-Scroll plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.2. This is due to missing or incorrect nonce validation on the process_a…
|
CWE-352
Origin Validation Error
|
CVE-2024-10040
|
2024-11-2 03:26 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306806
|
6.5 |
MEDIUM
Network
|
cisco
|
secure_firewall_management_center
|
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an af…
|
CWE-89
SQL Injection
|
CVE-2024-20472
|
2024-11-2 03:22 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306807
|
6.5 |
MEDIUM
Network
|
cisco
|
secure_firewall_management_center
|
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an af…
|
CWE-89
SQL Injection
|
CVE-2024-20471
|
2024-11-2 03:16 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306808
|
6.5 |
MEDIUM
Network
|
cisco
|
anyconnect_secure_mobility_client
secure_client
|
A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secur…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2024-20474
|
2024-11-2 03:14 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306809
|
8.8 |
HIGH
Network
|
grafana
|
grafana
|
The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, le…
|
CWE-77
Command Injection
|
CVE-2024-9264
|
2024-11-2 03:14 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306810
|
6.5 |
MEDIUM
Network
|
cisco
|
secure_firewall_management_center
|
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an af…
|
CWE-89
SQL Injection
|
CVE-2024-20473
|
2024-11-2 03:09 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
