CVE ID | Published | Description | Score | Severity | |
---|---|---|---|---|---|
CVE-2024-7254 | 2024-09-19 00:18 +00:00 | Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested gr... |
8.7 |
HIGH |
|
CVE-2024-34399 | 2024-09-17 22:00 +00:00 | **UNSUPPORTED WHEN ASSIGNED** An issue was discovered in BMC Remedy Mid Tier 7.6.04. An unauthentica... Authorization problems |
9.8 |
CRITICAL |
|
CVE-2023-41610 | 2024-09-17 22:00 +00:00 | Victure PC420 1.1.39 was discovered to contain a hardcoded root password which is stored in plaintex... |
8.8 |
HIGH |
|
CVE-2024-46986 | 2024-09-18 17:14 +00:00 | Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. An arbitrar... |
10 |
CRITICAL |
|
CVE-2023-47105 | 2024-09-17 22:00 +00:00 | exec.CommandContext in Chaosblade 0.3 through 1.7.3, when server mode is used, allows OS command exe... OS Command Injection |
8.6 |
HIGH |
|
CVE-2024-46086 | 2024-09-17 22:00 +00:00 | FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admi... Cross-Site Request Forgery - CSRF |
8.8 |
HIGH |
|
CVE-2022-25776 | 2024-09-18 15:06 +00:00 | Prior to the patched version, logged in users of Mautic are able to access areas of the application ... |
8.3 |
HIGH |
|
CVE-2024-35515 | 2024-09-17 22:00 +00:00 | Insecure deserialization in sqlitedict up to v2.1.0 allows attackers to execute arbitrary code.... Code Injection |
9.8 |
CRITICAL |
|
CVE-2024-6878 | 2024-09-18 14:55 +00:00 | Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows Coll... |
9.2 |
CRITICAL |
|
CVE-2024-34026 | 2024-09-18 14:35 +00:00 | A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser functio... |
9 |
CRITICAL |
|
CVE-2024-5958 | 2024-09-18 14:42 +00:00 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i... SQL Injection |
9.4 |
CRITICAL |
|
CVE-2024-5959 | 2024-09-18 14:44 +00:00 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab... Cross-site Scripting |
9.3 |
CRITICAL |
|
CVE-2024-5960 | 2024-09-18 14:49 +00:00 | Plaintext Storage of a Password vulnerability in Eliz Software Panel allows : Use of Known Domain Cr... |
9.3 |
CRITICAL |
|
CVE-2024-6877 | 2024-09-18 14:51 +00:00 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerab... Cross-site Scripting |
9.4 |
CRITICAL |
|
CVE-2024-44542 | 2024-09-17 22:00 +00:00 | SQL Injection vulnerability in todesk v.1.1 allows a remote attacker to execute arbitrary code via t... SQL Injection |
9.8 |
CRITICAL |