1811
|
9.8 |
CRITICAL
Network
fabianros
|
online_quiz_site
|
A vulnerability, which was classified as critical, has been found in code-projects Online Quiz Site 1.0. This issue affects some unknown processing of the file showtest.php. The manipulation of the a…
|
CWE-89
SQL Injection
|
CVE-2024-9009
|
2024-09-26 02:46 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1812
|
9.8 |
CRITICAL
Network
antfin
|
sofa-hessian
|
sofa-hessian is an internal improved version of Hessian3/4 powered by Ant Group CO., Ltd. The SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous cla…
|
NVD-CWE-noinfo
|
CVE-2024-46983
|
2024-09-26 02:46 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1813
|
7.5 |
HIGH
Network
traefik
|
traefik
|
Traefik is a golang, Cloud Native Application Proxy. When a HTTP request is processed by Traefik, certain HTTP headers such as X-Forwarded-Host or X-Forwarded-Port are added by Traefik before the req…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2024-45410
|
2024-09-26 02:39 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1814
|
7.5 |
HIGH
Network
f-secure
|
linux_protection linux_security_64 atlant client_security elements_endpoint_protection email_and_server_security server_security
|
Certain WithSecure products allow Denial of Service in the aeelf component. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSec…
|
NVD-CWE-noinfo
|
CVE-2023-43765
|
2024-09-26 02:35 |
2023-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1815
|
9.8 |
CRITICAL
Network
d7y
|
dragonfly
|
Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation (CNCF) as an Incubating Level Project. Dragonfly uses JWT …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2023-27584
|
2024-09-26 02:28 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1816
|
6.5 |
MEDIUM
Network
envoyproxy
|
envoy
|
Envoy is a cloud-native high-performance edge/middle/service proxy. A vulnerability has been identified in Envoy that allows malicious attackers to inject unexpected content into access logs. This is…
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2024-45808
|
2024-09-26 02:18 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1817
|
5.3 |
MEDIUM
Network
jflow_project
|
jflow
|
A vulnerability was found in Jinan Chicheng Company JFlow 2.0.0. It has been rated as problematic. This issue affects the function AttachmentUploadController of the file /WF/Ath/EntityMutliFile_Load.…
|
NVD-CWE-Other
|
CVE-2024-9003
|
2024-09-26 02:18 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1818
|
- |
|
-
|
-
|
A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator (NSO) and ConfD that is used by the web-based management interfaces of Cisco Optical Site Manager and Cisc…
|
-
|
CVE-2024-20381
|
2024-09-26 02:15 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1819
|
- |
|
-
|
-
|
A memory leak in the Silicon Labs' Bluetooth stack for EFR32 products may cause memory to be exhausted when sending notifications to multiple clients, this results in all Bluetooth operations, such a…
|
-
|
CVE-2024-0240
|
2024-09-26 02:15 |
2024-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1820
|
7.5 |
HIGH
Adjacent
|
silabs
|
gecko_software_development_kit
|
A potential buffer overflow exists in the Bluetooth LE HCI CPC sample application in the Gecko SDK which may result in a denial of service or remote code execution
|
CWE-131
Incorrect Calculation of Buffer Size
|
CVE-2023-6387
|
2024-09-26 02:15 |
2024-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|