581
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Alert Transports" feature allows authenticated users to inject ar…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-47523
|
2024-10-2 06:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
582
|
6.5 |
MEDIUM
Network
|
apache
|
druid
|
Apache Druid allows users with certain permissions to read data from other database systems using JDBC. This functionality allows trusted users to set up Druid lookups or run ingestion tasks. Druid a…
Update
|
NVD-CWE-noinfo
|
CVE-2024-45537
|
2024-10-2 05:41 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
583
|
4.9 |
MEDIUM
Network
|
formtools
|
form_tools
|
A vulnerability, which was classified as problematic, has been found in formtools.org Form Tools 3.1.1. This issue affects some unknown processing of the file /admin/settings/index.php?page=accounts …
Update
|
CWE-94
Code Injection
|
CVE-2024-6936
|
2024-10-2 05:37 |
2024-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
584
|
- |
|
-
|
-
|
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting (XSS). An authenticated user can craft malicious payloads using the messages feature, which allows the injection of malicious cod…
New
|
-
|
CVE-2024-46083
|
2024-10-2 05:35 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
585
|
- |
|
-
|
-
|
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting (XSS). An authenticated user can craft malicious payloads in the To-Do List. The assigned user will trigger a stored XSS, which i…
New
|
-
|
CVE-2024-46081
|
2024-10-2 05:35 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
586
|
- |
|
-
|
-
|
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting (XSS) in proj_new.php via the Descricao parameter.
New
|
-
|
CVE-2024-46079
|
2024-10-2 05:35 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
587
|
- |
|
-
|
-
|
It is currently unknown if this issue is exploitable but a condition may arise where the structured clone of certain objects could lead to memory corruption. This vulnerability affects Firefox < 131,…
New
|
-
|
CVE-2024-9396
|
2024-10-2 05:35 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
588
|
4.6 |
MEDIUM
Physics
|
ibm
|
infosphere_information_server
|
IBM InfoSphere Information Server 11.7 could disclose sensitive user information to another user with physical access to the machine. IBM X-Force ID: 294727.
Update
|
CWE-359
Exposure of Private Personal Information to an Unauthorized Actor
|
CVE-2024-37533
|
2024-10-2 05:35 |
2024-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
589
|
7.8 |
HIGH
Local
|
google
|
android
|
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges
Update
|
CWE-862
Missing Authorization
|
CVE-2023-38460
|
2024-10-2 05:35 |
2023-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
590
|
7.5 |
HIGH
Network
apache
|
apache-airflow-providers-apache-spark
|
Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection giving an opportunity to re…
Update
|
NVD-CWE-noinfo
|
CVE-2023-40272
|
2024-10-2 05:35 |
2023-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|