271
|
- |
|
-
|
-
|
The vulnerability allows an attacker to craft MQTT messages that include relative path traversal sequences, enabling them to read arbitrary files on the system. This could lead to the disclosure of s…
|
-
|
CVE-2024-6786
|
2024-09-21 14:15 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
272
|
- |
|
-
|
-
|
The configuration file stores credentials in cleartext. An attacker with local access rights can read or modify the configuration file, potentially resulting in the service being abused due to sensit…
|
-
|
CVE-2024-6785
|
2024-09-21 14:15 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
273
|
8.8 |
HIGH
Local
|
siemens
|
omnivise_t3000_whitelisting_server omnivise_t3000_thin_client omnivise_t3000_product_data_management omnivise_t3000_domain_controller omnivise_t3000_application_server omnivise_t3000_t…
|
A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 Domain Controller R9.2 (All versions), Omnivise T3000 Network Intrusion Detection System (…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-38877
|
2024-09-21 08:35 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
274
|
9.8 |
CRITICAL
Network
siemens
|
omnivise_t3000_application_server
|
A vulnerability has been identified in Omnivise T3000 Application Server R9.2 (All versions), Omnivise T3000 R8.2 SP3 (All versions), Omnivise T3000 R8.2 SP4 (All versions). The affected system expos…
|
NVD-CWE-noinfo
|
CVE-2024-38879
|
2024-09-21 08:26 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
275
|
5.3 |
MEDIUM
Network
spa-cart
|
spa-cartcms
|
A vulnerability, which was classified as problematic, has been found in spa-cartcms 1.9.0.6. This issue affects some unknown processing of the file /checkout of the component Checkout Page. The manip…
|
NVD-CWE-Other
|
CVE-2024-6128
|
2024-09-21 08:21 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
276
|
9.8 |
CRITICAL
Network
brainstormforce
|
convert_pro
|
Missing Authorization vulnerability in Brainstorm Force Convert Pro.This issue affects Convert Pro: from n/a through 1.7.5.
|
CWE-862
Missing Authorization
|
CVE-2023-36684
|
2024-09-21 08:19 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
277
|
8.8 |
HIGH
Network
|
brainstormforce
|
spectra
|
Missing Authorization vulnerability in Brainstorm Force Spectra.This issue affects Spectra: from n/a through 2.6.6.
|
CWE-862
Missing Authorization
|
CVE-2023-36676
|
2024-09-21 08:11 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
278
|
5.4 |
MEDIUM
Network
|
thinksaas
|
thinksaas
|
A vulnerability, which was classified as problematic, has been found in ThinkSAAS 3.7.0. This issue affects some unknown processing of the file app/system/action/do.php. The manipulation of the argum…
|
CWE-79
Cross-site Scripting
|
CVE-2024-6941
|
2024-09-21 08:08 |
2024-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
279
|
5.4 |
MEDIUM
Network
|
thinksaas
|
thinksaas
|
A vulnerability, which was classified as problematic, was found in ThinkSAAS 3.7.0. Affected is an unknown function of the file app/system/action/anti.php of the component Admin Panel Security Center…
|
CWE-79
Cross-site Scripting
|
CVE-2024-6942
|
2024-09-21 07:59 |
2024-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
280
|
6.1 |
MEDIUM
Network
|
xinhu
|
rockoa
|
A vulnerability was found in Xinhu RockOA 2.6.3 and classified as problematic. Affected by this issue is the function okla of the file /webmain/public/upload/tpl_upload.html. The manipulation of the …
|
CWE-79
Cross-site Scripting
|
CVE-2024-6939
|
2024-09-21 07:55 |
2024-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|