|
313601
|
9.8 |
CRITICAL
Network
|
eyecix
|
jobsearch_wp_job_board
|
Deserialization of Untrusted Data vulnerability in eyecix JobSearch allows Object Injection.This issue affects JobSearch: from n/a through 2.5.3.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-43931
|
2024-09-14 06:22 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313602
|
5.4 |
MEDIUM
Network
|
qnap
|
notes_station_3
|
A cross-site scripting (XSS) vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.
We hav…
|
CWE-79
Cross-site Scripting
|
CVE-2024-27122
|
2024-09-14 06:16 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313603
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
|
-
|
CVE-2024-40430
|
2024-09-14 06:15 |
2024-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313604
|
8.8 |
HIGH
Network
|
qnap
|
qts
quts_hero
|
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network.
QuTSclou…
|
CWE-78
OS Command
|
CVE-2023-34974
|
2024-09-14 06:14 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313605
|
6.2 |
MEDIUM
Local
|
huawei
|
emui
harmonyos
|
Vulnerability of uncaught exceptions in the Graphics module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
|
NVD-CWE-noinfo
|
CVE-2024-42037
|
2024-09-14 06:13 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313606
|
6.1 |
MEDIUM
Network
|
qnap
|
qulog_center
|
A cross-site scripting (XSS) vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow users to inject malicious code via a network.
We have already fixed t…
|
CWE-79
Cross-site Scripting
|
CVE-2024-32762
|
2024-09-14 06:10 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313607
|
7.5 |
HIGH
Network
|
huawei
|
harmonyos
emui
|
Access permission verification vulnerability in the Notepad module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
|
NVD-CWE-noinfo
|
CVE-2024-42036
|
2024-09-14 06:09 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313608
|
9.8 |
CRITICAL
Network
|
wpwebelite
|
docket
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPWeb Elite Docket (WooCommerce Collections / Wishlist / Watchlist) allows SQL Injection.This iss…
|
CWE-89
SQL Injection
|
CVE-2024-43132
|
2024-09-14 06:07 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313609
|
4.8 |
MEDIUM
Network
|
qnap
|
helpdesk
|
A cross-site scripting (XSS) vulnerability has been reported to affect Helpdesk. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network.
We h…
|
CWE-79
Cross-site Scripting
|
CVE-2024-27125
|
2024-09-14 06:06 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313610
|
7.2 |
HIGH
Network
|
salonbookingsystem
|
salon_booking_system
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Salon Booking System Salon booking system allows SQL Injection.This issue affects Salon booking s…
|
CWE-89
SQL Injection
|
CVE-2024-39658
|
2024-09-14 06:04 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
