261
|
- |
|
-
|
-
|
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. `\PhpOffice\PhpSpreadsheet\Writer\Html` does not sanitize "javascript:" URLs from hyperlink `href` attributes, resultin…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-45292
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
262
|
- |
|
-
|
-
|
Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potent…
Update
|
CWE-20 CWE-121
Improper Input Validation Stack-based Buffer Overflow
|
CVE-2024-31449
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
263
|
- |
|
-
|
-
|
Cacti is an open source performance and fault management framework. The `fileurl` parameter is not properly sanitized when saving external links in `links.php` . Morever, the said fileurl is placed i…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-43362
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264
|
- |
|
-
|
-
|
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. The security scanner responsible for preventing XXE attacks in the XLSX reader can be bypassed by slightly modifying th…
Update
|
-
|
CVE-2024-45293
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
265
|
- |
|
-
|
-
|
Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands suc…
Update
|
CWE-674
Uncontrolled Recursion
|
CVE-2024-31228
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266
|
- |
|
-
|
-
|
Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and su…
Update
|
CWE-20
Improper Input Validation
|
CVE-2024-31227
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267
|
- |
|
-
|
-
|
Improper access control validation in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access or an attacker with local access to potentially enab…
Update
|
-
|
CVE-2024-47975
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268
|
- |
|
-
|
-
|
Authenticated RCE via Path Traversal
Update
|
-
|
CVE-2024-47559
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269
|
- |
|
-
|
-
|
Authenticated RCE via Path Traversal
Update
|
-
|
CVE-2024-47558
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270
|
- |
|
-
|
-
|
Pre-Auth RCE via Path Traversal
Update
|
-
|
CVE-2024-47557
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|