|
313421
|
6.5 |
MEDIUM
Network
|
opendaylight
|
model-driven_service_abstraction_layer
|
In OpenDaylight Model-Driven Service Abstraction Layer (MD-SAL) through 13.0.1, a controller with a follower role can configure flow entries in an OpenDaylight clustering deployment.
|
NVD-CWE-noinfo
|
CVE-2024-46942
|
2024-09-26 03:08 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313422
|
5.4 |
MEDIUM
Network
|
workdo
|
crmgo_saas
|
A vulnerability classified as problematic was found in CodeCanyon CRMGo SaaS 7.2. This vulnerability affects unknown code of the file /deal/{note_id}/note. The manipulation of the argument notes lead…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9030
|
2024-09-26 03:01 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313423
|
9.8 |
CRITICAL
Network
|
cellopoint
|
secure_email_gateway
|
Secure Email Gateway from Cellopoint has Buffer Overflow Vulnerability in authentication process. Remote unauthenticated attackers can send crafted packets to crash the process, thereby bypassing aut…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-9043
|
2024-09-26 02:54 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313424
|
9.8 |
CRITICAL
Network
|
medialibs
|
webo-facto
|
The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.40 due to insufficient restriction on the 'doSsoAuthentification' function. This makes it…
|
NVD-CWE-noinfo
|
CVE-2024-8853
|
2024-09-26 02:49 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313425
|
9.8 |
CRITICAL
Network
|
gematik
|
reference_validator
|
The reference validator is a tool to perform advanced validation of FHIR resources for TI applications and interoperability standards. The profile location routine in the referencevalidator commons p…
|
CWE-611
XXE
|
CVE-2024-46984
|
2024-09-26 02:49 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313426
|
9.8 |
CRITICAL
Network
|
code-projects
|
crud_operation_system
|
A vulnerability, which was classified as critical, was found in code-projects Crud Operation System 1.0. Affected is an unknown function of the file updata.php. The manipulation of the argument sid l…
|
CWE-89
SQL Injection
|
CVE-2024-9011
|
2024-09-26 02:48 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313427
|
9.8 |
CRITICAL
Network
|
fabianros
|
online_quiz_site
|
A vulnerability, which was classified as critical, has been found in code-projects Online Quiz Site 1.0. This issue affects some unknown processing of the file showtest.php. The manipulation of the a…
|
CWE-89
SQL Injection
|
CVE-2024-9009
|
2024-09-26 02:46 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313428
|
9.8 |
CRITICAL
Network
|
antfin
|
sofa-hessian
|
sofa-hessian is an internal improved version of Hessian3/4 powered by Ant Group CO., Ltd. The SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous cla…
|
NVD-CWE-noinfo
|
CVE-2024-46983
|
2024-09-26 02:46 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313429
|
7.5 |
HIGH
Network
|
traefik
|
traefik
|
Traefik is a golang, Cloud Native Application Proxy. When a HTTP request is processed by Traefik, certain HTTP headers such as X-Forwarded-Host or X-Forwarded-Port are added by Traefik before the req…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2024-45410
|
2024-09-26 02:39 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313430
|
9.8 |
CRITICAL
Network
|
d7y
|
dragonfly
|
Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation (CNCF) as an Incubating Level Project. Dragonfly uses JWT …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2023-27584
|
2024-09-26 02:28 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
