531
|
- |
|
-
|
-
|
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. It's possible for an attacker to construct an XLSX file which links media from external URLs. When opening the XLSX fil…
|
CWE-918 CWE-36
Server-Side Request Forgery (SSRF) Absolute Path Traversal
|
CVE-2024-45290
|
2024-10-10 21:57 |
2024-10-8 |
|
|
532
|
- |
|
-
|
-
|
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. One of the sample scripts in PhpSpreadsheet is susceptible to a cross-site scripting (XSS) vulnerability due to imprope…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45060
|
2024-10-10 21:57 |
2024-10-8 |
|
|
533
|
- |
|
-
|
-
|
Discourse is an open source platform for community discussion. A maliciously crafted email address could allow an attacker to bypass domain-based restrictions and gain access to private sites, catego…
|
CWE-287
Improper Authentication
|
CVE-2024-45051
|
2024-10-10 21:57 |
2024-10-8 |
|
|
534
|
- |
|
-
|
-
|
Discourse is an open source platform for community discussion. A user can create a post with many replies, and then attempt to fetch them all at once. This can potentially reduce the availability of …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-43789
|
2024-10-10 21:57 |
2024-10-8 |
|
|
535
|
- |
|
-
|
-
|
Cacti is an open source performance and fault management framework. The `consolenewsection` parameter is not properly sanitized when saving external links in links.php. Moreover, the said consolenewse…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43365
|
2024-10-10 21:57 |
2024-10-8 |
|
|
536
|
- |
|
-
|
-
|
Cacti is an open source performance and fault management framework. An admin user can create a device with a malicious hostname containing php code and repeat the installation process (completing onl…
|
CWE-94
Code Injection
|
CVE-2024-43363
|
2024-10-10 21:57 |
2024-10-8 |
|
|
537
|
- |
|
-
|
-
|
Improper access removal handling in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access.
|
-
|
CVE-2024-47976
|
2024-10-10 21:57 |
2024-10-8 |
|
|
538
|
- |
|
-
|
-
|
Improper resource management in firmware of some Solidigm DC Products may allow an attacker to potentially control the performance of the resource.
|
-
|
CVE-2024-47972
|
2024-10-10 21:57 |
2024-10-8 |
|
|
539
|
- |
|
-
|
-
|
Improper error handling in firmware of some SSD DC Products may allow an attacker to enable denial of service.
|
-
|
CVE-2024-47971
|
2024-10-10 21:57 |
2024-10-8 |
|
|
540
|
- |
|
-
|
-
|
Meshtastic is an open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices. Meshtastic firmware is an open source firmware implementation for the broader projec…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2024-47079
|
2024-10-10 21:57 |
2024-10-8 |
|
|