|
41
|
- |
|
-
|
-
|
There exists a use after free vulnerability in Reverb. Reverb supports the VARIANT datatype, which is supposed to represent an arbitrary object in C++. When a tensor proto of type VARIANT is unpacked…
New
|
-
|
CVE-2024-8375
|
2024-09-20 01:15 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
42
|
- |
|
-
|
-
|
A stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code…
New
|
-
|
CVE-2024-7737
|
2024-09-20 01:15 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
43
|
- |
|
-
|
-
|
A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execu…
New
|
-
|
CVE-2024-7736
|
2024-09-20 01:15 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
44
|
- |
|
-
|
-
|
Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may allow an attacker to access sensitive information.
New
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-45862
|
2024-09-20 01:15 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
45
|
- |
|
-
|
-
|
Kastle Systems firmware prior to May 1, 2024, contained a hard-coded credential, which if accessed may allow an attacker to access sensitive information.
New
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-45861
|
2024-09-20 01:15 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
46
|
7.5 |
HIGH
Network
ibm
|
security_verify_governance
|
IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before storage or transmission. IBM X-Force ID: 256020.
Update
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2023-33837
|
2024-09-20 01:15 |
2023-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
47
|
7.5 |
HIGH
Network
ibm
|
txseries_for_multiplatform
cics_tx
|
IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial …
Update
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2023-33850
|
2024-09-20 01:15 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
48
|
7.3 |
HIGH
Local
|
openpolicyagent
|
open_policy_agent
|
A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrar…
Update
|
CWE-294
Authentication Bypass by Capture-replay
|
CVE-2024-8260
|
2024-09-20 01:08 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
49
|
4.9 |
MEDIUM
Network
|
wagtail
|
wagtail
|
Wagtail is an open source content management system built on Django. A bug in Wagtail's `parse_query_string` would result in it taking a long time to process suitably crafted inputs. When used to par…
Update
|
CWE-1333
Inefficient Regular Expression Complexity
|
CVE-2024-39317
|
2024-09-20 01:08 |
2024-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
50
|
7.4 |
HIGH
Network
|
fortinet
|
fortiadc
|
An improper certificate validation vulnerability [CWE-295] in FortiADC 7.4.0, 7.2.0 through 7.2.3, 7.1 all versions, 7.0 all versions, 6.2 all versions, 6.1 all versions and 6.0 all versions may allo…
Update
|
CWE-295
Improper Certificate Validation
|
CVE-2023-50178
|
2024-09-20 01:06 |
2024-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
