401
|
- |
|
-
|
-
|
There exists a use after free vulnerability in Reverb. Reverb supports the VARIANT datatype, which is supposed to represent an arbitrary object in C++. When a tensor proto of type VARIANT is unpacked…
|
-
|
CVE-2024-8375
|
2024-09-20 21:30 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
402
|
- |
|
-
|
-
|
Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may allow an attacker to access sensitive information.
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-45862
|
2024-09-20 21:30 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
403
|
- |
|
-
|
-
|
Kastle Systems firmware prior to May 1, 2024, contained a hard-coded credential, which if accessed may allow an attacker to access sensitive information.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-45861
|
2024-09-20 21:30 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
404
|
- |
|
-
|
-
|
logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure its logid daemon via an unrestricted D-Bus service, including setting malicious keyboard macros. This al…
|
-
|
CVE-2024-45752
|
2024-09-20 21:30 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
405
|
- |
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ece Software Electronic Ticket System allows Reflected XSS, Cross-Site Scripting (XSS).Thi…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7785
|
2024-09-20 21:30 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
406
|
- |
|
-
|
-
|
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/?/user/add
|
-
|
CVE-2024-46394
|
2024-09-20 21:30 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
407
|
- |
|
-
|
-
|
A SQL injection vulnerability in linlinjava litemall 1.8.0 allows a remote attacker to obtain sensitive information via the goodsId, goodsSn, and name parameters in AdminGoodscontroller.java.
|
-
|
CVE-2024-46382
|
2024-09-20 21:30 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
408
|
- |
|
-
|
-
|
The grafana plugin SDK bundles build metadata into the binaries it compiles; this metadata includes the repository URI for the plugin being built, as retrieved by running `git remote get-url origin`.…
|
-
|
CVE-2024-8986
|
2024-09-20 21:30 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
409
|
4.7 |
MEDIUM
Local
|
-
|
-
|
A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious unprivi…
|
CWE-617
Reachable Assertion
|
CVE-2024-8354
|
2024-09-20 21:30 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
410
|
4.4 |
MEDIUM
Local
|
-
|
-
|
A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which …
|
CWE-59
Link Following
|
CVE-2024-45770
|
2024-09-20 21:30 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|