161
|
5.3 |
MEDIUM
Physics
|
rfideas
|
micard_plus_ci_firmware micard_plus_ble_firmware
|
The MiCard PLUS Ci and MiCard PLUS BLE reader products developed by rf IDEAS and rebranded by NT-ware have a firmware fault that may result in characters randomly being dropped from some ID card read…
Update
|
NVD-CWE-noinfo
|
CVE-2024-1578
|
2024-09-20 22:53 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
162
|
4.8 |
MEDIUM
Network
|
oracle netapp
|
graalvm graalvm_for_jdk java_jre java_jdk oncommand_workflow_automation oncommand_insight bluexp cloud_insights_storage_workload_security_agent
|
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u4…
Update
|
NVD-CWE-noinfo
|
CVE-2024-21145
|
2024-09-20 22:46 |
2024-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
163
|
9.8 |
CRITICAL
Network
gargaj
|
wuhu
|
A vulnerability classified as critical has been found in Gargaj wuhu up to 3faad49bfcc3895e9ff76a591d05c8941273d120. Affected is an unknown function of the file /slideeditor.php of the component Slid…
Update
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-6948
|
2024-09-20 22:41 |
2024-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
164
|
5.3 |
MEDIUM
Network
gargaj
|
wuhu
|
A vulnerability classified as problematic was found in Gargaj wuhu up to 3faad49bfcc3895e9ff76a591d05c8941273d120. Affected by this vulnerability is an unknown functionality of the file /pages.php?ed…
Update
|
CWE-22
Path Traversal
|
CVE-2024-6949
|
2024-09-20 22:39 |
2024-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
165
|
- |
|
-
|
-
|
An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology CLESS Server v4.5.2 allows attackers to execute arbitrary code via uploading a crafted PHP file to the u…
New
|
-
|
CVE-2024-40125
|
2024-09-20 22:35 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
166
|
- |
|
-
|
-
|
Directory Traversal in the web interface of the Tiptel IP 286 with firmware version 2.61.13.10 allows attackers to overwrite arbitrary files on the phone via the Ringtone upload function.
New
|
-
|
CVE-2024-33109
|
2024-09-20 22:35 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
167
|
6.1 |
MEDIUM
Network
|
jetbrains
|
intellij_idea
|
In JetBrains IntelliJ IDEA before 2024.1 hTML injection via the project name was possible
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-46970
|
2024-09-20 22:23 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
168
|
- |
|
-
|
-
|
This vulnerability exists in Apex Softcell LD DP Back Office due to improper validation of certain parameters (cCdslClicentcode and cLdClientCode) in the API endpoint. An authenticated remote attacke…
New
|
CWE-359
Exposure of Private Personal Information to an Unauthorized Actor
|
CVE-2024-47085
|
2024-09-20 22:15 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
169
|
5.0 |
MEDIUM
Network
|
nozominetworks
|
cmc guardian
|
An access control vulnerability was discovered in the Reports section due to a specific access restriction not being properly enforced for users with limited privileges.
If a logged-in user with r…
Update
|
CWE-863
Incorrect Authorization
|
CVE-2024-4465
|
2024-09-20 22:15 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
170
|
6.5 |
MEDIUM
Network
|
mintplexlabs
|
anythingllm
|
mintplex-labs/anything-llm is affected by an uncontrolled resource consumption vulnerability in its upload file endpoint, leading to a denial of service (DOS) condition. Specifically, the server can …
Update
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-3153
|
2024-09-20 22:15 |
2024-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|