541
|
- |
|
-
|
-
|
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. `\PhpOffice\PhpSpreadsheet\Writer\Html` does not sanitize "javascript:" URLs from hyperlink `href` attributes, resultin…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45292
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
542
|
- |
|
-
|
-
|
Cacti is an open source performance and fault management framework. The `title` parameter is not properly sanitized when saving external links in links.php . Morever, the said title parameter is stor…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43364
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
543
|
- |
|
-
|
-
|
Cacti is an open source performance and fault management framework. The `fileurl` parameter is not properly sanitized when saving external links in `links.php` . Morever, the said fileurl is placed i…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43362
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
544
|
- |
|
-
|
-
|
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. The security scanner responsible for preventing XXE attacks in the XLSX reader can be bypassed by slightly modifying th…
|
-
|
CVE-2024-45293
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
545
|
- |
|
-
|
-
|
Redis is an open source, in-memory database that persists on disk. An authenticated user may use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may potent…
|
CWE-20 CWE-121
Improper Input Validation Stack-based Buffer Overflow
|
CVE-2024-31449
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
546
|
- |
|
-
|
-
|
Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service by using specially crafted, long string match patterns on supported commands suc…
|
CWE-674
Uncontrolled Recursion
|
CVE-2024-31228
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
547
|
- |
|
-
|
-
|
Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may create a malformed ACL selector which, when accessed, triggers a server panic and su…
|
CWE-20
Improper Input Validation
|
CVE-2024-31227
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
548
|
- |
|
-
|
-
|
Authenticated RCE via Path Traversal
|
-
|
CVE-2024-47559
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
549
|
- |
|
-
|
-
|
Authenticated RCE via Path Traversal
|
-
|
CVE-2024-47558
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
550
|
- |
|
-
|
-
|
Pre-Auth RCE via Path Traversal
|
-
|
CVE-2024-47557
|
2024-10-10 21:57 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|