1721
|
7.5 |
HIGH
Network
eskom
|
e-belediye
|
Incorrect Use of Privileged APIs vulnerability in ESKOM Computer e-municipality module allows Collect Data as Provided by Users.This issue affects e-municipality module: before v.105.
|
CWE-648
Incorrect Use of Privileged APIs
|
CVE-2023-6150
|
2024-09-26 21:15 |
2023-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1722
|
7.5 |
HIGH
Network
botanikyazilim
|
pharmacy_automation
|
Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Botanik Software Pharmacy Automation allows Retrieve Embedded Sensitive Data.This issue affects Pharmacy Automation:…
|
CWE-359
Exposure of Private Personal Information to an Unauthorized Actor
|
CVE-2023-5983
|
2024-09-26 21:15 |
2023-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1723
|
9.8 |
CRITICAL
Network
yepas
|
digital_yepas
|
Incorrect Use of Privileged APIs vulnerability in Yepas Digital Yepas allows Collect Data as Provided by Users.This issue affects Digital Yepas: before 1.0.1.
|
CWE-648
Incorrect Use of Privileged APIs
|
CVE-2023-4972
|
2024-09-26 21:15 |
2023-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1724
|
- |
|
-
|
-
|
Missing Authorization vulnerability in Stuart Wilson Joy Of Text Lite.This issue affects Joy Of Text Lite: from n/a through 2.3.1.
|
CWE-862
Missing Authorization
|
CVE-2024-47337
|
2024-09-26 18:15 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1725
|
- |
|
-
|
-
|
Multiple Home GateWay/Hikari Denwa routers provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION are vulnerable to insufficient access restrictions for Device Setting pages. If this vulnerabili…
|
-
|
CVE-2024-47044
|
2024-09-26 18:15 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1726
|
- |
|
-
|
-
|
Mattermost versions 9.5.x <= 9.5.8 fail to properly authorize access to archived channels when viewing archived channels is disabled, which allows an attacker to view posts and files of archived chan…
|
-
|
CVE-2024-47145
|
2024-09-26 17:15 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1727
|
- |
|
-
|
-
|
Mattermost versions 9.11.x <= 9.11.0 and 9.5.x <= 9.5.8 fail to validate that the message of the permalink post is a string, which allows an attacker to send a non-string value as the message of a pe…
|
-
|
CVE-2024-47003
|
2024-09-26 17:15 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1728
|
- |
|
-
|
-
|
Mattermost versions 9.5.x <= 9.5.8 fail to include the metadata endpoints of Oracle Cloud and Alibaba in the SSRF denylist, which allows an attacker to possibly cause an SSRF if Mattermost was deploy…
|
-
|
CVE-2024-45843
|
2024-09-26 17:15 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1729
|
- |
|
-
|
-
|
An information disclosure issue has been discovered in GitLab EE affecting all versions starting from 16.5 prior to 17.2.8, from 17.3 prior to 17.3.4, and from 17.4 prior to 17.4.1. A maintainer coul…
|
-
|
CVE-2024-4278
|
2024-09-26 16:15 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1730
|
8.8 |
HIGH
Network
|
elecom
|
wrc-2533gs2-b_firmware wrc-2533gs2-w_firmware wrc-2533gs2v-b_firmware wrc-x6000xs-g_firmware wrc-x1500gs-b_firmware wrc-x1500gsa-b_firmware
|
Cross-site request forgery vulnerability exists in ELECOM wireless LAN routers. Viewing a malicious page while logging in to the affected product with an administrative privilege, the user may be dir…
|
CWE-352
Origin Validation Error
|
CVE-2024-40883
|
2024-09-26 14:15 |
2024-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|