|
309681
|
7.5 |
HIGH
Network
|
chimurai
|
http-proxy-middleware
|
Versions of the package http-proxy-middleware before 2.0.7, from 3.0.0 and before 3.0.3 are vulnerable to Denial of Service (DoS) due to an UnhandledPromiseRejection error thrown by micromatch. An at…
|
NVD-CWE-noinfo
|
CVE-2024-21536
|
2024-11-2 03:03 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309682
|
6.5 |
MEDIUM
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote at…
|
CWE-22
Path Traversal
|
CVE-2024-20379
|
2024-11-2 03:02 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309683
|
6.5 |
MEDIUM
Network
|
cisco
|
secure_firewall_management_center
|
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote at…
|
CWE-89
SQL Injection
|
CVE-2024-20340
|
2024-11-2 02:40 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309684
|
- |
|
-
|
-
|
Phpgurukul Teachers Record Management System v2.1 is vulnerable to SQL Injection in add-teacher.php via the mobile number or email parameter.
|
-
|
CVE-2024-51063
|
2024-11-2 02:35 |
2024-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309685
|
- |
|
-
|
-
|
Projectworlds Online Admission System v1 is vulnerable to SQL Injection in index.php via the 'a_id' parameter.
|
-
|
CVE-2024-51060
|
2024-11-2 02:35 |
2024-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309686
|
5.9 |
MEDIUM
Network
|
cisco
|
adaptive_security_appliance_software
firepower_threat_defense_software
|
A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software …
|
CWE-331
Insufficient Entropy
|
CVE-2024-20331
|
2024-11-2 02:32 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309687
|
5.4 |
MEDIUM
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack ag…
|
CWE-79
Cross-site Scripting
|
CVE-2024-20377
|
2024-11-2 02:30 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309688
|
6.1 |
MEDIUM
Network
|
maxfoundry
|
social_share_buttons
|
The WordPress Social Share Buttons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9219
|
2024-11-2 02:30 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309689
|
6.1 |
MEDIUM
Network
|
cisco
|
adaptive_security_appliance_software
firepower_threat_defense_software
|
A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote att…
|
CWE-79
Cross-site Scripting
|
CVE-2024-20341
|
2024-11-2 02:22 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309690
|
- |
|
-
|
-
|
Zusam is a free and open-source way to self-host private forums. Prior to version 0.5.6, specially crafted SVG files uploaded to the service as images allow for unrestricted script execution on (raw)…
|
CWE-79
Cross-site Scripting
|
CVE-2024-51492
|
2024-11-2 02:15 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
