|
308981
|
- |
|
-
|
-
|
Improper resource management in firmware of some Solidigm DC Products may allow an attacker to potentially control the performance of the resource.
|
-
|
CVE-2024-47972
|
2024-11-7 02:35 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308982
|
9.8 |
CRITICAL
Network
|
codezips
|
isp_management_system
|
A vulnerability was found in Codezips ISP Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file pay.php. The manipulation of the argument …
|
CWE-89
SQL Injection
|
CVE-2024-10751
|
2024-11-7 02:34 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308983
|
4.8 |
MEDIUM
Network
|
podsfoundation
|
pods
|
The Pods WordPress plugin before 3.2.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even w…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9883
|
2024-11-7 02:32 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308984
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability has been found in ESAFENET CDG 5 and classified as critical. This vulnerability affects the function getOneFileDirectory of the file /com/esafenet/servlet/fileManagement/FileDirectory…
|
CWE-89
SQL Injection
|
CVE-2024-10502
|
2024-11-7 02:20 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308985
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability, which was classified as critical, was found in ESAFENET CDG 5. This affects the function findById of the file /com/esafenet/servlet/document/ExamCDGDocService.java. The manipulation …
|
CWE-89
SQL Injection
|
CVE-2024-10501
|
2024-11-7 02:20 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308986
|
5.4 |
MEDIUM
Network
|
neumann
|
n-line
|
N-LINE 2.0.6 and prior versions contain a code injection vulnerability. If this vulnerability is exploited, arbitrary code may be executed on the instructor's browser, or the instructor may be direct…
|
CWE-94
Code Injection
|
CVE-2024-47158
|
2024-11-7 02:10 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308987
|
7.5 |
HIGH
Network
|
neumann
|
musasi
|
MUSASI version 3 contains an issue with use of client-side authentication. If this vulnerability is exploited, other users' credential and sensitive information may be retrieved.
|
NVD-CWE-Other
|
CVE-2024-45785
|
2024-11-7 02:08 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308988
|
9.8 |
CRITICAL
Network
|
dfactory
|
responsive_lightbox
|
Missing Authorization vulnerability in dFactory Responsive Lightbox allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Responsive Lightbox: from n/a through 2.4.7.
|
CWE-862
Missing Authorization
|
CVE-2024-43924
|
2024-11-7 02:03 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308989
|
6.5 |
MEDIUM
Network
|
sonatype
|
nexus
|
Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database (…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-5764
|
2024-11-7 01:41 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308990
|
7.2 |
HIGH
Network
|
wuzhicms
|
wuzhicms
|
A vulnerability was found in wuzhicms 4.1.0. It has been classified as critical. Affected is the function add/edit of the file www/coreframe/app/content/admin/block.php. The manipulation leads to cod…
|
CWE-94
Code Injection
|
CVE-2024-10505
|
2024-11-7 01:38 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
