|
309371
|
- |
|
-
|
-
|
Tacquito prior to commit 07b49d1358e6ec0b5aa482fcd284f509191119e2 was not properly performing regex matches on authorized commands and arguments. Configured allowed commands/arguments were intended t…
|
-
|
CVE-2024-49400
|
2024-11-2 04:35 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309372
|
- |
|
-
|
-
|
A stored cross-site scripting (XSS) vulnerability in the VLAN configuration of RELY-PCIe v22.2.1 to v23.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
|
-
|
CVE-2024-44573
|
2024-11-2 04:35 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309373
|
9.8 |
CRITICAL
Network
|
langchain
|
langchain
|
A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain version 0.2.5 allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulatio…
|
CWE-74
Injection
|
CVE-2024-8309
|
2024-11-2 04:19 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309374
|
4.3 |
MEDIUM
Network
|
giuliopanda
|
bulk_images_optimizer
|
The Bulk images optimizer: Resize, optimize, convert to webp, rename … plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_configura…
|
CWE-862
Missing Authorization
|
CVE-2024-9361
|
2024-11-2 03:46 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309375
|
9.8 |
CRITICAL
Network
|
zte
|
wrtm326_firmware
|
The wireless router WRTM326 from SECOM does not properly validate a specific parameter. An unauthenticated remote attacker could execute arbitrary system commands by sending crafted requests.
|
CWE-78
OS Command
|
CVE-2024-10119
|
2024-11-2 03:40 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309376
|
6.5 |
MEDIUM
Network
|
fabianros
|
blood_bank_management_system
|
A vulnerability, which was classified as problematic, has been found in code-projects Blood Bank Management System 1.0. Affected by this issue is some unknown functionality of the file /file/delete.p…
|
CWE-352
Origin Validation Error
|
CVE-2024-10448
|
2024-11-2 03:26 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309377
|
4.3 |
MEDIUM
Network
|
infinite-scroll
|
infinite-scroll
|
The Infinite-Scroll plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.2. This is due to missing or incorrect nonce validation on the process_a…
|
CWE-352
Origin Validation Error
|
CVE-2024-10040
|
2024-11-2 03:26 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309378
|
6.5 |
MEDIUM
Network
|
cisco
|
secure_firewall_management_center
|
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an af…
|
CWE-89
SQL Injection
|
CVE-2024-20472
|
2024-11-2 03:22 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309379
|
6.5 |
MEDIUM
Network
|
cisco
|
secure_firewall_management_center
|
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an af…
|
CWE-89
SQL Injection
|
CVE-2024-20471
|
2024-11-2 03:16 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309380
|
6.5 |
MEDIUM
Network
|
cisco
|
anyconnect_secure_mobility_client
secure_client
|
A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secur…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2024-20474
|
2024-11-2 03:14 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
