|
1391
|
5.4 |
MEDIUM
Network
|
zohocorp
|
manageengine_servicedesk_plus
manageengine_servicedesk_plus_msp
manageengine_supportcenter_plus
|
Zoho ManageEngine ServiceDesk Plus before 14202, ServiceDesk Plus MSP before 14300, and SupportCenter Plus before 14300 have a privilege escalation vulnerability in the Release module that allows unp…
|
NVD-CWE-noinfo
|
CVE-2023-34197
|
2024-11-14 06:35 |
2023-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1392
|
- |
|
-
|
-
|
Insufficient validation performed on the REST API License file in Paxton Net2 before 6.07.14023.5015 (SR4) enables use of the REST API with an invalid License File. Attackers may be able to retrieve …
|
-
|
CVE-2024-48939
|
2024-11-14 06:15 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1393
|
8.1 |
HIGH
Network
|
parseplatform
|
parse_server
|
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. If the Parse Server option allowCustomObjectId: true is set, an attacker that is allowed to cre…
|
CWE-863
Incorrect Authorization
|
CVE-2024-47183
|
2024-11-14 06:15 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1394
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix out-of-bounds write in trie_get_next_key()
trie_get_next_key() allocates a node stack with size trie->max_prefixlen,
whi…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-50262
|
2024-11-14 06:10 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1395
|
9.8 |
CRITICAL
Network
dlink
|
di-8003_firmware
|
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been classified as critical. Affected is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipulation of the argume…
|
CWE-78
CWE-77
OS Command
Command Injection
|
CVE-2024-11046
|
2024-11-14 06:01 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1396
|
9.8 |
CRITICAL
Network
dlink
|
di-8003_firmware
|
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been declared as critical. Affected by this vulnerability is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipu…
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2024-11047
|
2024-11-14 05:56 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1397
|
9.8 |
CRITICAL
Network
dlink
|
di-8003_firmware
|
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been rated as critical. Affected by this issue is the function dbsrv_asp of the file /dbsrv.asp. The manipulation of the argument str le…
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2024-11048
|
2024-11-14 05:53 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1398
|
5.4 |
MEDIUM
Network
|
cleversoft
|
clever_addons_for_elementor
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CleverSoft Clever Addons for Elementor allows Stored XSS.This issue affects Clever Addons …
|
CWE-79
Cross-site Scripting
|
CVE-2024-51580
|
2024-11-14 05:50 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1399
|
5.4 |
MEDIUM
Network
|
nicheaddons
|
restaurant_\&_cafe_addon_for_elementor
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NicheAddons Restaurant & Cafe Addon for Elementor allows Stored XSS.This issue affects Res…
|
CWE-79
Cross-site Scripting
|
CVE-2024-51581
|
2024-11-14 05:49 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1400
|
7.2 |
HIGH
Network
|
salesagility
|
suitecrm
|
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. SuiteCRM relies on the blacklist of functions/methods to prevent installation of malicious ML…
|
NVD-CWE-noinfo
|
CVE-2024-49774
|
2024-11-14 05:40 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
