|
305421
|
7.5 |
HIGH
Network
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server 8.5 is vulnerable to a denial of service, under certain configurations, caused by an unexpected specially crafted request. A remote attacker could exploit this vulner…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2024-45085
|
2024-11-9 00:13 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305422
|
9.8 |
CRITICAL
Network
|
bg-tek
|
coslat
|
Improper Control of Generation of Code ('Code Injection') vulnerability in BG-TEK Informatics Security Technologies CoslatV3 allows Command Injection.This issue affects CoslatV3: through 3.1069.
…
|
CWE-94
Code Injection
|
CVE-2024-10035
|
2024-11-9 00:11 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305423
|
5.4 |
MEDIUM
Network
|
salesagility
|
suitecrm
|
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. The "Publish Key" field in SuiteCRM's Edit Profile page is vulnerable to Reflected Cross-Site…
|
CWE-79
Cross-site Scripting
|
CVE-2024-50335
|
2024-11-9 00:09 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305424
|
9.1 |
CRITICAL
Network
|
qualcomm
|
wsa8845h_firmware
wsa8845_firmware
wsa8840_firmware
wsa8835_firmware
wsa8832_firmware
wsa8830_firmware
wsa8815_firmware
wsa8810_firmware
wcn7881_firmware
wcn7880_firmware
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
|
NVD-CWE-noinfo
|
CVE-2024-38408
|
2024-11-9 00:07 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
305425
|
6.1 |
MEDIUM
Network
|
flycart
|
discount_rules_for_woocommerce
|
The Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts, Bulk Discount, BOGO Coupons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of a…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8541
|
2024-11-9 00:07 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305426
|
8.8 |
HIGH
Network
|
ibm
|
watson_studio_local
|
IBM Watson Studio Local 1.2.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
|
CWE-352
Origin Validation Error
|
CVE-2024-49340
|
2024-11-9 00:06 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305427
|
4.6 |
MEDIUM
Network
|
mattermost
|
mattermost_server
|
Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 fail to sanitize user inputs in the frontend that are used for redirection which allows for a one-click client-side path travers…
|
CWE-352
Origin Validation Error
|
CVE-2024-46872
|
2024-11-9 00:00 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305428
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nvme-pci: fix race condition between reset and nvme_dev_disable()
nvme_dev_disable() modifies the dev->online_queues field, there…
|
CWE-362
Race Condition
|
CVE-2024-50135
|
2024-11-8 23:34 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305429
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: Unregister notifier on eswitch init failure
It otherwise remains registered and a subsequent attempt at eswitch
enablin…
|
NVD-CWE-noinfo
|
CVE-2024-50136
|
2024-11-8 23:31 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305430
|
6.5 |
MEDIUM
Network
|
zte
|
zxr10_1800-2s_firmware
zxr10_2800-4_firmware
zxr10_3800-8_firmware
zxr10_160_firmware
|
There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . An authenticated attacker could use the vulnerability to obtain sensitive information about the de…
|
CWE-294
Authentication Bypass by Capture-replay
|
CVE-2024-22066
|
2024-11-8 23:31 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
