|
306351
|
6.1 |
MEDIUM
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attac…
|
CWE-79
Cross-site Scripting
|
CVE-2024-20415
|
2024-11-1 04:17 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306352
|
6.1 |
MEDIUM
Network
|
cisco
|
secure_firewall_management_center
|
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attac…
|
CWE-79
Cross-site Scripting
|
CVE-2024-20273
|
2024-11-1 04:09 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306353
|
5.4 |
MEDIUM
Network
|
cisco
|
secure_firewall_management_center
|
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack …
|
CWE-79
Cross-site Scripting
|
CVE-2024-20264
|
2024-11-1 04:04 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306354
|
6.5 |
MEDIUM
Network
|
lunary
|
lunary
|
lunary-ai/lunary v1.2.26 contains an email injection vulnerability in the Send email verification API (/v1/users/send-verification) and Sign up API (/auth/signup). An unauthenticated attacker can inj…
|
CWE-74
Injection
|
CVE-2024-7472
|
2024-11-1 03:46 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306355
|
9.8 |
CRITICAL
Network
|
langchain
|
langchain
|
A vulnerability in the GraphCypherQAChain class of langchain-ai/langchainjs versions 0.2.5 and all versions with this class allows for prompt injection, leading to SQL injection. This vulnerability p…
|
CWE-89
SQL Injection
|
CVE-2024-7042
|
2024-11-1 03:36 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306356
|
9.1 |
CRITICAL
Network
|
gaizhenbiao
|
chuanhuchatgpt
|
A file overwrite vulnerability exists in gaizhenbiao/chuanhuchatgpt versions <= 20240410. This vulnerability allows an attacker to gain unauthorized access to overwrite critical configuration files w…
|
CWE-610
Externally Controlled Reference to a Resource in Another Sphere
|
CVE-2024-5823
|
2024-11-1 03:05 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306357
|
- |
|
-
|
-
|
TYPO3 before 13.3.1 allows denial of service (interface error) in the Bookmark Toolbar (ext:backend), exploitable by an administrator-level backend user account via manipulated data saved in the book…
|
-
|
CVE-2024-34537
|
2024-11-1 02:15 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306358
|
7.5 |
HIGH
Network
|
-
|
-
|
IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an authenticated user in a specifically defined role, to bypass security restrictions and execute actions against the queue m…
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2024-40681
|
2024-11-1 02:15 |
2024-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306359
|
5.5 |
MEDIUM
Local
|
ibm
|
mq_operator
|
IBM MQ 9.3 CD and 9.4 LTS/CD could allow a local user to cause a denial of service due to improper memory allocation causing a segmentation fault.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-40680
|
2024-11-1 02:15 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306360
|
5.4 |
MEDIUM
Network
|
tychesoftwares
|
arconix_shortcodes
|
The Arconix Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'box' shortcode in all versions up to, and including, 2.1.13 due to insufficient input saniti…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10226
|
2024-11-1 01:48 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
