|
312581
|
6.1 |
MEDIUM
Network
|
rws
|
multitrans
|
Multiple stored cross-site scripting (XSS) vulnerabilities in RWS MultiTrans v7.0.23324.2 and earlier allow attackers to execute arbitrary web scripts or HTML via a crafted payload.
|
CWE-79
Cross-site Scripting
|
CVE-2024-43024
|
2024-09-29 09:27 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312582
|
5.6 |
MEDIUM
Local
|
microsoft
|
windows_11_22h2
windows_11_23h2
|
Windows Kernel Information Disclosure Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-37985
|
2024-09-29 09:26 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312583
|
4.9 |
MEDIUM
Network
|
ibm
|
business_automation_workflow
|
IBM Business Automation Workflow
22.0.2, 23.0.1, 23.0.2, and 24.0.0
could allow a privileged user to perform unauthorized activities due to improper client side validation.
|
NVD-CWE-Other
|
CVE-2024-43188
|
2024-09-29 09:24 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312584
|
9.0 |
CRITICAL
Network
|
acquia
|
mautic
|
Prior to the patched version, there is an XSS vulnerability in the description fields within the Mautic application which could be exploited by a logged in user of Mautic with the appropriate permiss…
|
CWE-79
Cross-site Scripting
|
CVE-2021-27915
|
2024-09-29 09:22 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312585
|
7.8 |
HIGH
Local
|
apple
|
xcode
|
This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 16. A malicious application may gain access to a user's Keychain items.
|
NVD-CWE-noinfo
|
CVE-2024-44162
|
2024-09-29 09:16 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312586
|
4.8 |
MEDIUM
Network
|
decidim
|
decidim
|
decidim is a Free Open-Source participatory democracy, citizen participation and open government for cities and organizations. The admin panel is subject to potential Cross-site scripting (XSS) attac…
|
CWE-79
Cross-site Scripting
|
CVE-2024-32034
|
2024-09-29 09:14 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312587
|
5.9 |
MEDIUM
Network
|
alf
|
alf
|
alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5, a race condition allows the user to bypass the limit on the number of…
|
CWE-362
Race Condition
|
CVE-2024-45300
|
2024-09-29 09:08 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312588
|
5.3 |
MEDIUM
Network
|
phoenixcontact
|
tc_mguard_rs4000_4g_vzw_vpn_firmware
tc_mguard_rs4000_4g_vpn_firmware
tc_mguard_rs4000_4g_att_vpn_firmware
tc_mguard_rs4000_3g_vpn_firmware
tc_mguard_rs2000_4g_vzw_vpn_firmware
tc_mgua…
|
An unauthenticated remote attacker can exploit the behavior of the pathfinder TCP encapsulation service by establishing a high number of TCP connections to the pathfinder TCP encapsulation service. T…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-7734
|
2024-09-29 08:56 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312589
|
8.8 |
HIGH
Network
|
qnap
|
music_station
|
An improper authentication vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow users to compromise the security of the system via a network.
We have …
|
CWE-287
Improper Authentication
|
CVE-2023-45038
|
2024-09-29 08:51 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312590
|
8.8 |
HIGH
Network
|
qnap
|
video_station
|
An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to execute commands via a network.
We have already fi…
|
CWE-78
CWE-77
OS Command
Command Injection
|
CVE-2023-47563
|
2024-09-29 08:47 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
