|
421
|
7.5 |
HIGH
Network
atlassian
|
data_center
jira
|
Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the /rest/gad…
|
NVD-CWE-noinfo
|
CVE-2021-39123
|
2024-10-11 01:35 |
2021-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
422
|
5.3 |
MEDIUM
Network
atlassian
|
data_center
jira
|
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to discover the usernames and full names of users via an enumeration vulnerability in the /rest/api/1.0/render endpoi…
|
NVD-CWE-noinfo
|
CVE-2021-39118
|
2024-10-11 01:35 |
2021-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
423
|
5.3 |
MEDIUM
Network
atlassian
|
data_center
jira
jira_server
jira_data_center
|
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view users' emails via an Information Disclosure vulnerability in the /rest/api/2/search endpoint. The a…
|
NVD-CWE-noinfo
|
CVE-2021-39122
|
2024-10-11 01:35 |
2021-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
424
|
7.8 |
HIGH
Local
|
libcap_project
redhat
fedoraproject
debian
|
libcap
enterprise_linux
fedora
debian_linux
|
A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2023-2603
|
2024-10-11 01:32 |
2023-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
425
|
- |
|
-
|
-
|
A vulnerability, which was classified as critical, has been found in Codezips Online Shopping Portal 1.0. This issue affects some unknown processing of the file /update-image1.php. The manipulation o…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-9794
|
2024-10-11 01:15 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
426
|
- |
|
-
|
-
|
A vulnerability classified as critical was found in Tenda AC1206 up to 15.03.06.23. This vulnerability affects the function ate_iwpriv_set/ate_ifconfig_set of the file /goform/ate. The manipulation l…
|
CWE-77
Command Injection
|
CVE-2024-9793
|
2024-10-11 01:15 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
427
|
- |
|
-
|
-
|
pac4j is a security framework for Java. `pac4j-core` prior to version 4.0.0 is affected by a Java deserialization vulnerability. The vulnerability affects systems that store externally controlled val…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2023-25581
|
2024-10-11 01:15 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
428
|
4.3 |
MEDIUM
Network
|
nask
|
ezd_rp
|
Incorrect User Management vulnerability in Naukowa i Akademicka Siec Komputerowa - Panstwowy Instytut Badawczy EZD RP allows logged-in user to list all users in the system, including those from other…
|
CWE-863
Incorrect Authorization
|
CVE-2024-7266
|
2024-10-11 01:15 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
429
|
8.8 |
HIGH
Network
|
nask
|
ezd_rp
|
Incorrect User Management vulnerability in Naukowa i Akademicka Siec Komputerowa - Panstwowy Instytut Badawczy EZD RP allows logged-in user to change the password of any user, including root user, wh…
|
CWE-863
Incorrect Authorization
|
CVE-2024-7265
|
2024-10-11 01:15 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
430
|
7.8 |
HIGH
Local
|
j11g
|
cruddiy
|
The CRUDDIY project is vulnerable to shell command injection via sending a crafted POST request to the application server.
The exploitation risk is limited since CRUDDIY is meant to be launched loca…
|
CWE-78
OS Command
|
CVE-2024-4748
|
2024-10-11 01:15 |
2024-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
