651
|
4.7 |
MEDIUM
Local
|
-
|
-
|
A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrar…
|
CWE-20
Improper Input Validation
|
CVE-2024-9407
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
652
|
- |
|
-
|
-
|
Tonic is a native gRPC client & server implementation with async/await support. When using tonic::transport::Server there is a remote DoS attack that can cause the server to exit cleanly on accepting…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2024-47609
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
653
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Stored Cross-Site Scripting (XSS) can be achieved by uploading a new Background for a Custom Map. Users with "admin" role c…
|
CWE-79 CWE-116 CWE-434
Cross-site Scripting Improper Encoding or Escaping of Output Unrestricted Upload of File with Dangerous Type
|
CVE-2024-47528
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
654
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Device Dependencies" feature allows authenticated users to inject…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47527
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
655
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Self Cross-Site Scripting (Self-XSS) vulnerability in the "Alert Templates" feature allows users to inject arbitrary Java…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47526
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
656
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Alert Rules" feature allows authenticated users to inject arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47525
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
657
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can create a Device Groups, the application did not properly sanitize the user input in the Device Gro…
|
-
|
CVE-2024-47524
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
658
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Alert Transports" feature allows authenticated users to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47523
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
659
|
- |
|
-
|
-
|
Scriptcase 9.10.023 and before is vulnerable to Remote Code Execution (RCE) via the nm_unzip function.
|
-
|
CVE-2024-46084
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
660
|
- |
|
-
|
-
|
Scriptcase v.9.10.023 and before is vulnerable to Cross Site Scripting (XSS) in nm_cor.php via the form and field parameters.
|
-
|
CVE-2024-46082
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|