|
311891
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged a…
|
CWE-284
Improper Access Control
|
CVE-2024-45118
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311892
|
7.6 |
HIGH
Network
|
-
|
-
|
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An admin attacker…
|
CWE-20
Improper Input Validation
|
CVE-2024-45117
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311893
|
8.1 |
HIGH
Network
|
-
|
-
|
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code. If an admin a…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45116
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311894
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. An attacker could explo…
|
CWE-287
Improper Authentication
|
CVE-2024-45115
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311895
|
- |
|
-
|
-
|
An Insecure Direct Object Reference (IDOR) vulnerability exists in open-webui/open-webui version v0.3.8. The vulnerability occurs in the API endpoint `http://0.0.0.0:3000/api/v1/memories/{id}/update`…
|
CWE-250
Execution with Unnecessary Privileges
|
CVE-2024-7041
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311896
|
- |
|
-
|
-
|
In version v0.3.8 of open-webui/open-webui, the endpoint /api/pipelines/upload is vulnerable to arbitrary file write and delete due to unsanitized file.filename concatenation with CACHE_DIR. This vul…
|
CWE-22
Path Traversal
|
CVE-2024-7037
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311897
|
7.5 |
HIGH
Network
|
-
|
-
|
An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker se…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2024-39525
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311898
|
7.5 |
HIGH
Network
|
-
|
-
|
An Improper Validation of Consistency within Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacke…
|
CWE-1288
Improper Validation of Consistency within Input
|
CVE-2024-39515
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311899
|
- |
|
-
|
-
|
VMware NSX contains a local privilege escalation vulnerability.
An authenticated malicious actor may exploit this vulnerability to obtain permissions from a separate group role than previously assi…
|
-
|
CVE-2024-38818
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311900
|
- |
|
-
|
-
|
VMware NSX contains a content spoofing vulnerability.
An unauthenticated malicious actor may be able to craft a URL and redirect a victim to an attacker controlled domain leading to sensitive infor…
|
-
|
CVE-2024-38815
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
