|
309801
|
5.4 |
MEDIUM
Network
|
workdo
|
crmgo_saas
|
A vulnerability classified as problematic was found in CodeCanyon CRMGo SaaS 7.2. This vulnerability affects unknown code of the file /deal/{note_id}/note. The manipulation of the argument notes lead…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9030
|
2024-09-26 03:01 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309802
|
9.8 |
CRITICAL
Network
|
cellopoint
|
secure_email_gateway
|
Secure Email Gateway from Cellopoint has Buffer Overflow Vulnerability in authentication process. Remote unauthenticated attackers can send crafted packets to crash the process, thereby bypassing aut…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-9043
|
2024-09-26 02:54 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309803
|
9.8 |
CRITICAL
Network
|
medialibs
|
webo-facto
|
The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.40 due to insufficient restriction on the 'doSsoAuthentification' function. This makes it…
|
NVD-CWE-noinfo
|
CVE-2024-8853
|
2024-09-26 02:49 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309804
|
9.8 |
CRITICAL
Network
|
gematik
|
reference_validator
|
The reference validator is a tool to perform advanced validation of FHIR resources for TI applications and interoperability standards. The profile location routine in the referencevalidator commons p…
|
CWE-611
XXE
|
CVE-2024-46984
|
2024-09-26 02:49 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309805
|
9.8 |
CRITICAL
Network
|
code-projects
|
crud_operation_system
|
A vulnerability, which was classified as critical, was found in code-projects Crud Operation System 1.0. Affected is an unknown function of the file updata.php. The manipulation of the argument sid l…
|
CWE-89
SQL Injection
|
CVE-2024-9011
|
2024-09-26 02:48 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309806
|
9.8 |
CRITICAL
Network
|
fabianros
|
online_quiz_site
|
A vulnerability, which was classified as critical, has been found in code-projects Online Quiz Site 1.0. This issue affects some unknown processing of the file showtest.php. The manipulation of the a…
|
CWE-89
SQL Injection
|
CVE-2024-9009
|
2024-09-26 02:46 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309807
|
9.8 |
CRITICAL
Network
|
antfin
|
sofa-hessian
|
sofa-hessian is an internal improved version of Hessian3/4 powered by Ant Group CO., Ltd. The SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous cla…
|
NVD-CWE-noinfo
|
CVE-2024-46983
|
2024-09-26 02:46 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309808
|
7.5 |
HIGH
Network
|
traefik
|
traefik
|
Traefik is a golang, Cloud Native Application Proxy. When a HTTP request is processed by Traefik, certain HTTP headers such as X-Forwarded-Host or X-Forwarded-Port are added by Traefik before the req…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2024-45410
|
2024-09-26 02:39 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309809
|
9.8 |
CRITICAL
Network
|
d7y
|
dragonfly
|
Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation (CNCF) as an Incubating Level Project. Dragonfly uses JWT …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2023-27584
|
2024-09-26 02:28 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309810
|
6.5 |
MEDIUM
Network
|
envoyproxy
|
envoy
|
Envoy is a cloud-native high-performance edge/middle/service proxy. A vulnerability has been identified in Envoy that allows malicious attackers to inject unexpected content into access logs. This is…
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2024-45808
|
2024-09-26 02:18 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
