|
304501
|
- |
|
-
|
-
|
Ruijie NBR800G gateway NBR_RGOS_11.1(6)B4P9 is vulnerable to command execution in /itbox_pi/networksafe.php via the province parameter.
|
-
|
CVE-2024-51027
|
2024-11-15 22:58 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304502
|
- |
|
-
|
-
|
A buffer overflow in the RecvSocketData function of Inovance HCPLC_AM401-CPU1608TPTN 21.38.0.0, HCPLC_AM402-CPU1608TPTN 41.38.0.0, and HCPLC_AM403-CPU1608TN 81.38.0.0 allows attackers to cause a Deni…
|
-
|
CVE-2024-50956
|
2024-11-15 22:58 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304503
|
- |
|
-
|
-
|
Jenkins Shared Library Version Override Plugin 17.v786074c9fce7 and earlier declares folder-scoped library overrides as trusted, so that they're not executed in the Script Security sandbox, allowing …
|
-
|
CVE-2024-52554
|
2024-11-15 22:58 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304504
|
- |
|
-
|
-
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
-
|
CVE-2023-4348
|
2024-11-15 21:15 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304505
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device…
|
CWE-78
OS Command
|
CVE-2024-11120
|
2024-11-15 11:15 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304506
|
9.1 |
CRITICAL
Network
|
paloaltonetworks
|
expedition
|
An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, a…
|
CWE-89
SQL Injection
|
CVE-2024-9465
|
2024-11-15 11:00 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304507
|
7.5 |
HIGH
Network
|
paloaltonetworks
|
expedition
|
An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cle…
|
CWE-78
OS Command
|
CVE-2024-9463
|
2024-11-15 11:00 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304508
|
5.4 |
MEDIUM
Network
|
ladybirdweb
|
faveo_helpdesk
|
An issue in Ladybird Web Solution Faveo Helpdesk & Servicedesk (On-Premise and Cloud) 9.2.0 allows a remote attacker to execute arbitrary code via the Subject and Identifier fields
|
CWE-79
Cross-site Scripting
|
CVE-2024-51377
|
2024-11-15 08:23 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304509
|
9.8 |
CRITICAL
Network
|
olivegroup
|
olivevle
|
An issue in Olive VLE allows an attacker to obtain sensitive information via the reset password function.
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2024-48428
|
2024-11-15 08:15 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304510
|
7.5 |
HIGH
Network
|
plenti
|
plenti
|
Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. The `/postLocal` endpoint is vulnerable to an arbitrary file write deletion when a plenti use…
|
CWE-22
Path Traversal
|
CVE-2024-49381
|
2024-11-15 08:04 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
