31 | 6.1 | MEDIUM Network | playsms | playsms | A vulnerability, which was classified as problematic, was found in playSMS 1.4.3. Affected is an unknown function of the file /index.php?app=main&inc=feature_phonebook&op=phonebook_list of the compon… | Update | CWE-79 Cross-site Scripting | CVE-2024-6251 | 2024-09-20 01:50 | 2024-06-22
32 | 4.8 | MEDIUM Network | apache | allura | Apache Allura's neighborhood settings are vulnerable to a stored XSS attack. Only neighborhood admins can access these settings, so the scope of risk is limited to configurations where neighborhood … | Update | CWE-79 Cross-site Scripting | CVE-2024-38379 | 2024-09-20 01:46 | 2024-06-22
33 | - | | - | - | logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure its logid daemon via an unrestricted D-Bus service, including setting malicious keyboard macros. This al… | New | - | CVE-2024-45752 | 2024-09-20 01:35 | 2024-09-20
34 | 6.1 | MEDIUM Network | salesagility | suitecrm | SuiteCRM is an open-source Customer Relationship Management (CRM) software application. A vulnerability in versions prior to 8.6.1 allows for Host Header Injection when directly accessing the `/legac… | Update | CWE-601 Open Redirect | CVE-2024-36419 | 2024-09-20 01:31 | 2024-06-11
35 | 5.3 | MEDIUM Network | shedaniel | roughlyenoughitems | Roughly Enough Items (REI) v.16.0.729 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index… | Update | CWE-129 Improper Validation of Array Index | CVE-2024-42698 | 2024-09-20 01:29 | 2024-08-29
36 | 8.8 | HIGH Network | salesagility | suitecrm | SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in connectors allows an authenticated user to perform a rem… | Update | CWE-22 Path Traversal | CVE-2024-36418 | 2024-09-20 01:28 | 2024-06-11
37 | 8.2 | HIGH Local | dell | xps_8960_firmware xps_8950_firmware inspiron_3502_firmware inspiron_15_3521_firmware inspiron_15_3510_firmware aurora_r16_firmware alienware_x17_r2_firmware alienware_x17_r1_firm… | Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnera… | Update | NVD-CWE-noinfo | CVE-2024-32859 | 2024-09-20 01:24 | 2024-06-13
38 | 5.3 | MEDIUM Network | mezz | justenoughitems | JustEnoughItems (JEI) 19.5.0.33 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index in JE… | Update | CWE-129 Improper Validation of Array Index | CVE-2024-41565 | 2024-09-20 01:19 | 2024-08-29
39 | 6.8 | MEDIUM Network | - | - | A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enablin… | New | CWE-601 Open Redirect | CVE-2024-8883 | 2024-09-20 01:15 | 2024-09-20
40 | 7.7 | HIGH Network | - | - | A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for speci… | New | CWE-347 Improper Verification of Cryptographic Signature | CVE-2024-8698 | 2024-09-20 01:15 | 2024-09-20