|
314571
|
9.8 |
CRITICAL
Network
|
rems
|
contact_manager_with_export_to_vcf
|
A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0. It has been rated as critical. This issue affects some unknown processing of the file /endpoint/delete-account.php …
|
CWE-89
SQL Injection
|
CVE-2024-8380
|
2024-09-4 23:58 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314572
|
5.4 |
MEDIUM
Network
|
3ds
|
3dexperience_enovia
|
A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute …
|
CWE-79
Cross-site Scripting
|
CVE-2024-8004
|
2024-09-4 23:56 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314573
|
5.4 |
MEDIUM
Network
|
3ds
|
3dexperience
|
A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7938
|
2024-09-4 23:53 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314574
|
6.1 |
MEDIUM
Network
|
checkmk
|
checkmk
|
Improper neutralization of input in Checkmk before version 2.3.0p14 allows attackers to inject and run malicious scripts in the Robotmk logs view.
|
CWE-79
Cross-site Scripting
|
CVE-2024-38858
|
2024-09-4 23:39 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314575
|
6.5 |
MEDIUM
Network
|
hashicorp
|
vault
|
Vault Community Edition and Vault Enterprise experienced a regression where functionality that HMAC’d sensitive headers in the configured audit device, specifically client tokens and token accessors,…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-8365
|
2024-09-4 23:37 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314576
|
- |
|
-
|
-
|
Use after free in WebAudio in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
-
|
CVE-2024-8362
|
2024-09-4 23:35 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314577
|
- |
|
-
|
-
|
Out of bounds write in V8 in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
-
|
CVE-2024-7970
|
2024-09-4 23:35 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314578
|
- |
|
-
|
-
|
A remote code execution (RCE) vulnerability exists in the Pi Camera project, version 1.0, maintained by RECANTHA. The issue arises from improper sanitization of user input passed to the "position" GE…
|
-
|
CVE-2024-44809
|
2024-09-4 23:35 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314579
|
6.1 |
MEDIUM
Network
|
memberpress
|
memberpress
|
The Memberpress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'mepr_screenname' and 'mepr_key' parameter in all versions up to, and including, 1.11.29 due to insufficie…
|
CWE-79
Cross-site Scripting
|
CVE-2024-5024
|
2024-09-4 23:33 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314580
|
5.4 |
MEDIUM
Network
|
wpvibes
|
elementor_addon_elements
|
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ and 'eae_slider_animation' parameters in all versions up to, and including, 1.13.5 due to i…
|
CWE-79
Cross-site Scripting
|
CVE-2024-4401
|
2024-09-4 23:33 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
