|
309441
|
4.9 |
MEDIUM
Network
|
mayurik
|
petrol_pump_management
|
A vulnerability classified as critical was found in SourceCodester Petrol Pump Management Software 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/print.php. The ma…
|
CWE-89
SQL Injection
|
CVE-2024-10354
|
2024-10-31 01:32 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309442
|
7.2 |
HIGH
Network
|
oretnom23
|
online_exam_system
|
A vulnerability classified as critical has been found in SourceCodester Online Exam System 1.0. Affected is an unknown function of the file /admin-dashboard. The manipulation leads to improper access…
|
NVD-CWE-noinfo
|
CVE-2024-10353
|
2024-10-31 01:21 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309443
|
6.1 |
MEDIUM
Network
|
archerirm
|
archer
|
Reflected XSS was discovered in an iView List Archer Platform UX page in Archer Platform 6.x before version 2024.09. A remote unauthenticated attacker could potentially exploit this by tricking a vic…
|
CWE-79
Cross-site Scripting
|
CVE-2024-49210
|
2024-10-31 01:13 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309444
|
6.1 |
MEDIUM
Network
|
archerirm
|
archer
|
Reflected XSS was discovered in a Dashboard Listing Archer Platform UX page in Archer Platform 6.x before version 2024.08. A remote unauthenticated attacker could potentially exploit this by tricking…
|
CWE-79
Cross-site Scripting
|
CVE-2024-49211
|
2024-10-31 01:08 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309445
|
5.4 |
MEDIUM
Network
|
wordpress
|
wordpress
|
WordPress Core, in versions up to 6.0.2, is vulnerable to Authenticated Stored Cross-Site Scripting that can be exploited by users with access to the WordPress post and page editor, typically consist…
|
CWE-79
Cross-site Scripting
|
CVE-2022-4973
|
2024-10-31 00:58 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309446
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ublk: don't allow user copy for unprivileged device
UBLK_F_USER_COPY requires userspace to call write() on ublk char
device for f…
|
NVD-CWE-noinfo
|
CVE-2024-50080
|
2024-10-31 00:54 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309447
|
9.1 |
CRITICAL
Network
|
siemens
|
intermesh_7177_hybrid_2.0_subscriber
intermesh_7707_fire_subscriber_firmware
|
A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which…
|
NVD-CWE-noinfo
|
CVE-2024-47903
|
2024-10-31 00:54 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309448
|
9.8 |
CRITICAL
Network
|
siemens
|
intermesh_7177_hybrid_2.0_subscriber
intermesh_7707_fire_subscriber_firmware
|
A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-47902
|
2024-10-31 00:48 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309449
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
blk-mq: setup queue ->tag_set before initializing hctx
Commit 7b815817aa58 ("blk-mq: add helper for checking if one CPU is mapped…
|
NVD-CWE-noinfo
|
CVE-2024-50081
|
2024-10-31 00:45 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309450
|
7.8 |
HIGH
Local
|
siemens
|
intermesh_7177_hybrid_2.0_subscriber
intermesh_7707_fire_subscriber_firmware
|
A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which…
|
NVD-CWE-noinfo
|
CVE-2024-47904
|
2024-10-31 00:39 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
