Python CPython denial of service | CVE-2024-0450
NAME__________Python CPython denial of servicePlatforms Affected:Python CPython 3.8.18 Python CPython 3.9.18 Python CPython 3.10.13 Python CPython 3.11.8 Python CPython 3.12.2Risk...
CVE
GeoServer cross-site scripting | CVE-2024-23821
NAME__________GeoServer cross-site scriptingPlatforms Affected:GeoServer GeoServer 2.4.0 GeoServer GeoServer 2.23.3Risk Level:4.8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________GeoServer is vulnerable to cross-site scripting, caused by improper...
Meta4HR cross-site scripting | CVE-2024-2634
NAME__________Meta4HR cross-site scriptingPlatforms Affected:Cegid Meta4 HR 819.001.022 Cegid Meta4 HR 819.001.021Risk Level:6.1Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Meta4HR is vulnerable to cross-site scripting, caused...
Meta4HR cross-site scripting | CVE-2024-2633
NAME__________Meta4HR cross-site scriptingPlatforms Affected:Cegid Meta4 HR 819.001.022 Cegid Meta4 HR 819.001.021Risk Level:6.1Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Meta4HR is vulnerable to cross-site scripting, caused...
Broadcom, Microsoft and MikroTik products denial of service | CVE-2024-2169
NAME__________Broadcom, Microsoft and MikroTik products denial of servicePlatforms Affected:Broadcom DSL/PON/Wifi routers Microsoft Windows Deployment Services (WDS) MikroTik TFTP serviceRisk Level:7.5Exploitability:UnprovenConsequences:Denial...
GeoServer cross-site scripting | CVE-2024-23818
NAME__________GeoServer cross-site scriptingPlatforms Affected:GeoServer GeoServer 2.4.0 GeoServer GeoServer 2.23.2Risk Level:4.8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________GeoServer is vulnerable to cross-site scripting, caused by improper...
Axis Communications AB AXIS OS denial of service | CVE-2024-0055
NAME__________Axis Communications AB AXIS OS denial of servicePlatforms Affected:Axis Communications AB AXIS OS 11.8Risk Level:6.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Axis Communications AB...
Meta4HR information disclosure | CVE-2024-2632
NAME__________Meta4HR information disclosurePlatforms Affected:Cegid Meta4 HR 819.001.022 Cegid Meta4 HR 819.001.021Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Meta4HR could allow a remote attacker to...
IBM Storage Protect Plus Server information disclosure | CVE-2024-27277
NAME__________IBM Storage Protect Plus Server information disclosurePlatforms Affected:IBM Storage Protect Plus Server 10.1.0 IBM Storage Protect Plus Server 10.1.16Risk Level:6.2Exploitability:UnprovenConsequences:Obtain...
OneBlog cross-site scripting | CVE-2024-29473
NAME__________OneBlog cross-site scriptingPlatforms Affected:OneBlog OneBlog 2.3.4Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________OneBlog is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Apache Commons Configuration code execution | CVE-2024-29131
NAME__________Apache Commons Configuration code executionPlatforms Affected:Apache Software Foundation Apache Commons Configuration 2.0Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apache Commons Configuration could allow a...
IBM Storage Protect Plus Server improper access control | CVE-2023-47715
NAME__________IBM Storage Protect Plus Server improper access controlPlatforms Affected:IBM Storage Protect Plus Server 10.1.0 IBM Storage Protect Plus Server 10.1.16Risk...
Apache Commons Configuration code execution | CVE-2024-29133
NAME__________Apache Commons Configuration code executionPlatforms Affected:Apache Software Foundation Apache Commons Configuration 2.0Risk Level:7.3Exploitability:UnprovenConsequences: DESCRIPTION__________Apache Commons Configuration could allow a remote...
OneBlog cross-site scripting | CVE-2024-29471
NAME__________OneBlog cross-site scriptingPlatforms Affected:OneBlog OneBlog 2.3.4Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________OneBlog is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
OneBlog cross-site scripting | CVE-2024-29470
NAME__________OneBlog cross-site scriptingPlatforms Affected:OneBlog OneBlog 2.3.4Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________OneBlog is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Complete E-Commerce Site file upload | CVE-2024-2754
NAME__________Complete E-Commerce Site file uploadPlatforms Affected:Sourcecodester Complete E-Commerce Site 1.0Risk Level:4.7Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Complete E-Commerce Site could allow a...
Tenda AC10U buffer overflow | CVE-2024-2711
NAME__________Tenda AC10U buffer overflowPlatforms Affected:Tenda AC10U 15.03.06.48Risk Level:7.3Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Tenda AC10U is vulnerable to a stack-based buffer overflow,...
OneBlog cross-site scripting | CVE-2024-29474
NAME__________OneBlog cross-site scriptingPlatforms Affected:OneBlog OneBlog 2.3.4Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________OneBlog is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Apache Doris command execution | CVE-2024-27438
NAME__________Apache Doris command executionPlatforms Affected:Apache Software Foundation Apache Doris 1.2.0Risk Level:6.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apache Doris could allow a remote authenticated attacker...
Campcodes Online Beauty Parlor Management System SQL injection | CVE-2024-2666
NAME__________Campcodes Online Beauty Parlor Management System SQL injectionPlatforms Affected:Campcodes Complete Online Beauty Parlor Management System 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Campcodes Online...
Apache Doris security bypass | CVE-2024-26307
NAME__________Apache Doris security bypassPlatforms Affected:Apache Software Foundation Apache Doris 1.2.0Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Apache Doris could allow a remote attacker to...
ChirpStack chirpstack-mqtt-forwarder and chirpstack-gateway-bridge weak security | CVE-2024-29862
NAME__________ChirpStack chirpstack-mqtt-forwarder and chirpstack-gateway-bridge weak securityPlatforms Affected:ChirpStack chirpstack-mqtt-forwarder 4.2.0 ChirpStack chirpstack-gateway-bridge 4.0.10Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________ChirpStack chirpstack-mqtt-forwarder and chirpstack-gateway-bridge could provide...
SolarEdge mySolarEdge man-in-the-middle | CVE-2024-28756
NAME__________SolarEdge mySolarEdge man-in-the-middlePlatforms Affected:SolarEdge MySolarEdge android app 2.20Risk Level:5.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________SolarEdge mySolarEdge is vulnerable to a man-in-the-middle attack, caused by...
Advantech WebAccess/SCADA SQL injection | CVE-2024-2453
NAME__________Advantech WebAccess/SCADA SQL injectionPlatforms Affected:Advantech WebAccess/SCADA 9.1.5URisk Level:6.4Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Advantech WebAccess/SCADA is vulnerable to SQL injection. A remote authenticated attacker...
