1721
|
9.8 |
CRITICAL
Network
cellopoint
|
secure_email_gateway
|
Secure Email Gateway from Cellopoint has Buffer Overflow Vulnerability in authentication process. Remote unauthenticated attackers can send crafted packets to crash the process, thereby bypassing aut…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-9043
|
2024-09-26 02:54 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1722
|
9.8 |
CRITICAL
Network
medialibs
|
webo-facto
|
The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.40 due to insufficient restriction on the 'doSsoAuthentification' function. This makes it…
|
NVD-CWE-noinfo
|
CVE-2024-8853
|
2024-09-26 02:49 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1723
|
9.8 |
CRITICAL
Network
gematik
|
reference_validator
|
The reference validator is a tool to perform advanced validation of FHIR resources for TI applications and interoperability standards. The profile location routine in the referencevalidator commons p…
|
CWE-611
XXE
|
CVE-2024-46984
|
2024-09-26 02:49 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1724
|
9.8 |
CRITICAL
Network
code-projects
|
crud_operation_system
|
A vulnerability, which was classified as critical, was found in code-projects Crud Operation System 1.0. Affected is an unknown function of the file updata.php. The manipulation of the argument sid l…
|
CWE-89
SQL Injection
|
CVE-2024-9011
|
2024-09-26 02:48 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1725
|
9.8 |
CRITICAL
Network
fabianros
|
online_quiz_site
|
A vulnerability, which was classified as critical, has been found in code-projects Online Quiz Site 1.0. This issue affects some unknown processing of the file showtest.php. The manipulation of the a…
|
CWE-89
SQL Injection
|
CVE-2024-9009
|
2024-09-26 02:46 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1726
|
9.8 |
CRITICAL
Network
antfin
|
sofa-hessian
|
sofa-hessian is an internal improved version of Hessian3/4 powered by Ant Group CO., Ltd. The SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous cla…
|
NVD-CWE-noinfo
|
CVE-2024-46983
|
2024-09-26 02:46 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1727
|
7.5 |
HIGH
Network
traefik
|
traefik
|
Traefik is a golang, Cloud Native Application Proxy. When a HTTP request is processed by Traefik, certain HTTP headers such as X-Forwarded-Host or X-Forwarded-Port are added by Traefik before the req…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2024-45410
|
2024-09-26 02:39 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1728
|
7.5 |
HIGH
Network
f-secure
|
linux_protection linux_security_64 atlant client_security elements_endpoint_protection email_and_server_security server_security
|
Certain WithSecure products allow Denial of Service in the aeelf component. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSec…
|
NVD-CWE-noinfo
|
CVE-2023-43765
|
2024-09-26 02:35 |
2023-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1729
|
9.8 |
CRITICAL
Network
d7y
|
dragonfly
|
Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation (CNCF) as an Incubating Level Project. Dragonfly uses JWT …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2023-27584
|
2024-09-26 02:28 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1730
|
6.5 |
MEDIUM
Network
envoyproxy
|
envoy
|
Envoy is a cloud-native high-performance edge/middle/service proxy. A vulnerability has been identified in Envoy that allows malicious attackers to inject unexpected content into access logs. This is…
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2024-45808
|
2024-09-26 02:18 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|