|
306921
|
- |
|
-
|
-
|
Cachi2 is a command-line interface tool that pre-fetches a project's dependencies to aid in making the project's build process network-isolated. Prior to version 0.14.0, secrets may be shown in logs …
|
CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
|
CVE-2024-52582
|
2024-11-20 01:15 |
2024-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306922
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: propagate directory read errors from nilfs_find_entry()
Syzbot reported that a task hang occurs in vcs_open() during a fu…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2024-50202
|
2024-11-20 01:12 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306923
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/radeon: Fix encoder->possible_clones
Include the encoder itself in its possible_clones bitmask.
In the past nothing validated…
|
NVD-CWE-noinfo
|
CVE-2024-50201
|
2024-11-20 01:08 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306924
|
4.8 |
MEDIUM
Network
|
open-emr
|
openemr
|
A stored cross-site scripting (XSS) vulnerability exists in openemr/openemr version 7.0.1. An attacker can inject malicious payloads into the 'inputBody' field in the Secure Messaging feature, which …
|
CWE-79
Cross-site Scripting
|
CVE-2024-0875
|
2024-11-20 01:03 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306925
|
7.5 |
HIGH
Network
|
schneider-electric
|
powerlogic_pm5341_firmware
powerlogic_pm5340_firmware
powerlogic_pm5320_firmware
|
CWE-400: An Uncontrolled Resource Consumption vulnerability exists that could cause the device to become
unresponsive resulting in communication loss when a large amount of IGMP packets is present in…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-9409
|
2024-11-20 00:59 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306926
|
4.8 |
MEDIUM
Network
|
vektor-inc
|
vk_all_in_one_expansion_unit
|
Cross-site scripting vulnerability exists in VK All in One Expansion Unit versions prior to 9.100.1.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of th…
|
CWE-79
Cross-site Scripting
|
CVE-2024-52268
|
2024-11-20 00:57 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306927
|
4.8 |
MEDIUM
Network
|
pimcore
|
pimcore
|
A stored Cross-site Scripting (XSS) vulnerability exists in the Conditions tab of Pricing Rules in pimcore/pimcore versions 10.5.19. The vulnerability is present in the From and To fields of the Date…
|
CWE-79
Cross-site Scripting
|
CVE-2023-2332
|
2024-11-20 00:55 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306928
|
5.4 |
MEDIUM
Network
|
royal-elementor-addons
|
royal_elementor_addons
|
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 1.7.1001 due to insu…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9668
|
2024-11-20 00:55 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306929
|
5.5 |
MEDIUM
Local
|
gpac
|
gpac
|
A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gf_filterpacket_del function in filter_core/filter.c at line 38. This vulnerability can lead to a double-…
|
CWE-416
Use After Free
|
CVE-2023-4679
|
2024-11-20 00:54 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306930
|
5.9 |
MEDIUM
Network
|
phpipam
|
phpipam
|
phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block mechanism to brute force passwords for users by using the 'X-Forwarded-For' header. The issue lies in the 'get…
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2024-0787
|
2024-11-20 00:53 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
