|
304641
|
7.2 |
HIGH
Network
|
surajkumarvishwakarma
|
real_estate_management_system
|
A vulnerability was found in CodeAstro Real Estate Management System up to 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /aboutedit.php of the component A…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2024-11058
|
2024-11-14 08:03 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304642
|
9.8 |
CRITICAL
Network
|
ruijie
|
rg-nbs2009g-p_firmware
|
Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release (9736) allows a remote attacker to gain privileges via the login check state component.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2024-24117
|
2024-11-14 07:56 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304643
|
8.8 |
HIGH
Network
|
ultrapress
|
empowerment
|
The Empowerment theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.2 via deserialization of untrusted input. This makes it possible for authenticated …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-7433
|
2024-11-14 07:04 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304644
|
8.8 |
HIGH
Network
|
ultrapress
|
unseen_blog
|
The Unseen Blog theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.0 via deserialization of untrusted input. This makes it possible for authenticated …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-7432
|
2024-11-14 07:03 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304645
|
3.7 |
LOW
Network
|
netadmin
|
netadmin_iam
|
A vulnerability was found in Netadmin Software NetAdmin IAM up to 3.5 and classified as problematic. Affected by this issue is some unknown functionality of the file /controller/api/Answer/ReturnUser…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-9513
|
2024-11-14 06:57 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304646
|
9.8 |
CRITICAL
Network
|
ruijie
|
rg-nbs2009g-p_firmware
|
An issue in Ruijie RG-NBS2009G-P RGOS v.10.4(1)P2 Release(9736) allows a remote attacker to gain privileges via the system/config_menu.htm.
|
NVD-CWE-noinfo
|
CVE-2024-24116
|
2024-11-14 06:43 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304647
|
- |
|
-
|
-
|
wasm3 139076a is vulnerable to Denial of Service (DoS).
|
-
|
CVE-2024-27527
|
2024-11-14 06:35 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304648
|
8.1 |
HIGH
Network
|
parseplatform
|
parse_server
|
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. If the Parse Server option allowCustomObjectId: true is set, an attacker that is allowed to cre…
|
CWE-863
Incorrect Authorization
|
CVE-2024-47183
|
2024-11-14 06:15 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304649
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix out-of-bounds write in trie_get_next_key()
trie_get_next_key() allocates a node stack with size trie->max_prefixlen,
whi…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-50262
|
2024-11-14 06:10 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304650
|
9.8 |
CRITICAL
Network
|
dlink
|
di-8003_firmware
|
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been classified as critical. Affected is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipulation of the argume…
|
CWE-78
CWE-77
OS Command
Command Injection
|
CVE-2024-11046
|
2024-11-14 06:01 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
