|
310381
|
7.2 |
HIGH
Network
|
ivanti
|
endpoint_manager
|
SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code …
|
CWE-89
SQL Injection
|
CVE-2024-50326
|
2024-11-19 03:15 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310382
|
9.8 |
CRITICAL
Network
|
gzequan
|
eq_enterprise_management_system
|
An issue in EQ Enterprise Management System before v2.0.0 allows attackers to execute a directory traversal via crafted requests.
|
CWE-22
Path Traversal
|
CVE-2024-44761
|
2024-11-19 03:15 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310383
|
6.1 |
MEDIUM
Network
|
cysoft168
|
super_easy_enterprise_management_system
|
Cross Site Scripting vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the /WebSet/DlgGridSet.html …
|
CWE-79
Cross-site Scripting
|
CVE-2024-42678
|
2024-11-19 03:15 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310384
|
7.2 |
HIGH
Network
|
ivanti
|
endpoint_manager
|
SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code …
|
CWE-89
SQL Injection
|
CVE-2024-50328
|
2024-11-19 03:08 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310385
|
8.8 |
HIGH
Network
|
ivanti
|
endpoint_manager
|
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote unauthenticated attacker to achieve remote code execution. User int…
|
CWE-22
Path Traversal
|
CVE-2024-50329
|
2024-11-19 03:07 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310386
|
7.8 |
HIGH
Local
|
adobe
|
photoshop
|
Photoshop Desktop versions 24.7.3, 25.11 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the curren…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2024-49514
|
2024-11-19 03:06 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310387
|
6.5 |
MEDIUM
Network
|
progress
|
telerik_document_processing_libraries
|
In Progress Telerik Document Processing Libraries, versions prior to 2024 Q4 (2024.4.1106), importing a document with unsupported features can lead to excessive processing, leading to excessive use o…
|
NVD-CWE-noinfo
|
CVE-2024-8049
|
2024-11-19 02:46 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310388
|
6.2 |
MEDIUM
Local
|
progress
|
telerik_report_server
|
In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this informat…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-7295
|
2024-11-19 02:41 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310389
|
- |
|
-
|
-
|
A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to recover service account passwords that are saved on an affected syste…
|
CWE-200
Information Exposure
|
CVE-2020-3525
|
2024-11-19 02:35 |
2024-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310390
|
- |
|
-
|
-
|
Holy Stone Remote ID Module HSRID01, firmware distributed with the Drone Go2 mobile application before 1.1.8, allows unauthenticated "remote power off" actions (in broadcast mode) via multiple read o…
|
-
|
CVE-2024-52876
|
2024-11-19 02:35 |
2024-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
