|
306461
|
4.3 |
MEDIUM
Network
|
agnai
|
agnai
|
Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to upload image files at attacker-chosen loca…
|
CWE-22
Path Traversal
|
CVE-2024-47171
|
2024-10-31 05:46 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306462
|
4.8 |
MEDIUM
Network
|
netgate
|
pfsense
|
A cross-site scripting (XSS) vulnerability in pfsense v2.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $pconfig variable at interfaces_groups_e…
|
CWE-79
Cross-site Scripting
|
CVE-2024-46538
|
2024-10-31 05:45 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306463
|
7.5 |
HIGH
Network
|
apple
|
xcode
|
This issue was addressed with improved permissions checking. This issue is fixed in Xcode 16. An app may be able to inherit Xcode permissions and access user data.
|
NVD-CWE-noinfo
|
CVE-2024-44228
|
2024-10-31 05:35 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306464
|
- |
|
-
|
-
|
Ironman PowerShell Universal 5.x before 5.0.12 allows an authenticated attacker to elevate their privileges and view job information.
|
-
|
CVE-2024-50616
|
2024-10-31 05:35 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306465
|
- |
|
-
|
-
|
TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/digit, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef.
|
-
|
CVE-2024-50615
|
2024-10-31 05:35 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306466
|
- |
|
-
|
-
|
TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef.
|
-
|
CVE-2024-50614
|
2024-10-31 05:35 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306467
|
- |
|
-
|
-
|
AIML Chatbot 1.0 (fixed in 2.0) is vulnerable to Cross Site Scripting (XSS). The vulnerability is exploited through the message input field, where attackers can inject malicious HTML or JavaScript co…
|
-
|
CVE-2024-48396
|
2024-10-31 05:35 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306468
|
7.5 |
HIGH
Network
|
octavolabs
|
vernemq
|
A memory allocation issue in vernemq v2.0.1 allows attackers to cause a Denial of Service (DoS) via excessive memory consumption.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-44459
|
2024-10-31 05:35 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306469
|
- |
|
-
|
-
|
A cross-site scripting (XSS) vulnerability in the component /email/welcome.php of Mini Inventory and Sales Management System commit 18aa3d allows attackers to execute arbitrary web scripts or HTML vi…
|
-
|
CVE-2024-42550
|
2024-10-31 05:35 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306470
|
6.8 |
MEDIUM
Physics
|
gncchome
|
gncc_c2_firmware
|
Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to gain a privileged command shell via the UART Debugging Port.
|
CWE-287
Improper Authentication
|
CVE-2024-31800
|
2024-10-31 05:35 |
2024-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
