641
|
- |
|
-
|
-
|
Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potent…
|
CWE-20 CWE-121
Improper Input Validation Stack-based Buffer Overflow
|
CVE-2024-31449
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
642
|
- |
|
-
|
-
|
Cacti is an open source performance and fault management framework. The `fileurl` parameter is not properly sanitized when saving external links in `links.php` . Morever, the said fileurl is placed i…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43362
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
643
|
- |
|
-
|
-
|
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. The security scanner responsible for preventing XXE attacks in the XLSX reader can be bypassed by slightly modifying th…
|
-
|
CVE-2024-45293
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
644
|
- |
|
-
|
-
|
Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands suc…
|
CWE-674
Uncontrolled Recursion
|
CVE-2024-31228
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
645
|
- |
|
-
|
-
|
Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and su…
|
CWE-20
Improper Input Validation
|
CVE-2024-31227
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
646
|
- |
|
-
|
-
|
Authenticated RCE via Path Traversal
|
-
|
CVE-2024-47559
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
647
|
- |
|
-
|
-
|
Authenticated RCE via Path Traversal
|
-
|
CVE-2024-47558
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
648
|
- |
|
-
|
-
|
Pre-Auth RCE via Path Traversal
|
-
|
CVE-2024-47557
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
649
|
- |
|
-
|
-
|
Pre-Auth RCE via Path Traversal
|
-
|
CVE-2024-47556
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
650
|
- |
|
-
|
-
|
BlueCMS 1.6 suffers from Arbitrary File Deletion via the file_name parameter in an /admin/database.php?act=del request.
|
-
|
CVE-2024-45894
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|