CVE Alert: CVE-2024-7041
Vulnerability Summary: CVE-2024-7041 An Insecure Direct Object Reference (IDOR) vulnerability exists in open-webui/open-webui version v0.3.8. The vulnerability occurs in the...
Vulnerabilities
CVE Alert: CVE-2024-38818
Vulnerability Summary: CVE-2024-38818 VMware NSX contains a local privilege escalation vulnerability. An authenticated malicious actor may exploit this vulnerability to...
CVE Alert: CVE-2024-7037
Vulnerability Summary: CVE-2024-7037 In version v0.3.8 of open-webui/open-webui, the endpoint /api/pipelines/upload is vulnerable to arbitrary file write and delete due...
CVE Alert: CVE-2024-38817
Vulnerability Summary: CVE-2024-38817 Mware NSX contains a command injection vulnerability. A malicious actor with access to the NSX Edge CLI...
CVE Alert: CVE-2024-43611
Vulnerability Summary: CVE-2024-43611 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Affected Endpoints: No affected endpoints listed....
CVE Alert: CVE-2024-47780
Vulnerability Summary: CVE-2024-47780 TYPO3 is a free and open source Content Management Framework. Backend users could see items in the...
CVE Alert: CVE-2024-43614
Vulnerability Summary: CVE-2024-43614 Microsoft Defender for Endpoint for Linux Spoofing Vulnerability Affected Endpoints: No affected endpoints listed. Published Date: 10/8/2024,...
CVE Alert: CVE-2024-43609
Vulnerability Summary: CVE-2024-43609 Microsoft Office Spoofing Vulnerability Affected Endpoints: No affected endpoints listed. Published Date: 10/8/2024, 6:15:29 PM ⚠️ CVSS...
CVE Alert: CVE-2024-43612
Vulnerability Summary: CVE-2024-43612 Power BI Report Server Spoofing Vulnerability Affected Endpoints: No affected endpoints listed. Published Date: 10/8/2024, 6:15:29 PM...
CVE Alert: CVE-2024-46539
Vulnerability Summary: CVE-2024-46539 Insecure permissions in the Bluetooth Low Energy (BLE) component of Fire-Boltt Artillery Smart Watch NJ-R6E-10.3 allow attackers...
CVE Alert: CVE-2024-27457
Vulnerability Summary: CVE-2024-27457 Improper check for unusual or exceptional conditions in Intel(R) TDX Module firmware before version 1.5.06 may allow...
CVE Alert: CVE-2024-47822
Vulnerability Summary: CVE-2024-47822 Directus is a real-time API and App dashboard for managing SQL database content. Access tokens from query...
CVE Alert: CVE-2024-47773
Vulnerability Summary: CVE-2024-47773 Discourse is an open source platform for community discussion. An attacker can make several XHR requests until...
CVE Alert: CVE-2024-43616
Vulnerability Summary: CVE-2024-43616 Microsoft Office Remote Code Execution Vulnerability Affected Endpoints: No affected endpoints listed. Published Date: 10/8/2024, 6:15:30 PM...
CVE Alert: CVE-2024-9570
Vulnerability Summary: CVE-2024-9570 A vulnerability was found in D-Link DIR-619L B1 2.06 and classified as critical. Affected by this issue...
CVE Alert: CVE-2024-9576
Vulnerability Summary: CVE-2024-9576 Vulnerability in Distro Linux Workbooth v2.5 that allows to escalate privileges to the root user by manipulating...
CVE Alert: CVE-2024-9568
Vulnerability Summary: CVE-2024-9568 A vulnerability, which was classified as critical, was found in D-Link DIR-619L B1 2.06. Affected is the...
CVE Alert: CVE-2024-9573
Vulnerability Summary: CVE-2024-9573 SQL injection vulnerability in SOPlanning
CVE Alert: CVE-2024-9574
Vulnerability Summary: CVE-2024-9574 SQL injection vulnerability in SOPlanning
CVE Alert: CVE-2024-46300
Vulnerability Summary: CVE-2024-46300 itsourcecode Placement Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the Full Name field...
CVE Alert: CVE-2024-45932
Vulnerability Summary: CVE-2024-45932 Krayin CRM v1.3.0 is vulnerable to Cross Site Scripting (XSS) via the organization name field in /admin/contacts/organizations/edit/2....
CVE Alert: CVE-2024-46041
Vulnerability Summary: CVE-2024-46041 IoT Haat Smart Plug IH-IN-16A-S v5.16.1 is vulnerable to Authentication Bypass by Capture-replay. Affected Endpoints: No affected...
CVE Alert: CVE-2024-46446
Vulnerability Summary: CVE-2024-46446 Mecha CMS 3.0.0 is vulnerable to Directory Traversal. An attacker can construct cookies and URIs that bypass...
CVE Alert: CVE-2024-46278
Vulnerability Summary: CVE-2024-46278 Teedy 1.11 is vulnerable to Cross Site Scripting (XSS) via the management console. Affected Endpoints: No affected...
