661
|
- |
|
-
|
-
|
Directus is a real-time API and App dashboard for managing SQL database content. Access tokens from query strings are not redacted and are potentially exposed in system logs which may be persisted. T…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-47822
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
662
|
- |
|
-
|
-
|
TYPO3 is a free and open source Content Management Framework. Backend users could see items in the backend page tree without having access if the mounts pointed to pages restricted for their user/gro…
|
CWE-863
Incorrect Authorization
|
CVE-2024-47780
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
663
|
- |
|
-
|
-
|
Discourse is an open source platform for community discussion. An attacker can make several XHR requests until the cache is poisoned with a response without any preloaded data. This issue only affect…
|
CWE-610
Externally Controlled Reference to a Resource in Another Sphere
|
CVE-2024-47773
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
664
|
- |
|
-
|
-
|
Insecure permissions in the Bluetooth Low Energy (BLE) component of Fire-Boltt Artillery Smart Watch NJ-R6E-10.3 allow attackers to cause a Denial of Service (DoS).
|
-
|
CVE-2024-46539
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
665
|
- |
|
-
|
-
|
PublicCMS V4.0.202406.d was discovered to contain a cross-site scripting (XSS) vulnerability via a crafted script to the Category Managment feature
|
-
|
CVE-2024-46410
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
666
|
7.8 |
HIGH
Local
|
-
|
-
|
Microsoft Office Remote Code Execution Vulnerability
|
CWE-426
Untrusted Search Path
|
CVE-2024-43616
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
667
|
7.1 |
HIGH
Network
|
-
|
-
|
Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
|
CWE-73
External Control of File Name or Path
|
CVE-2024-43615
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
668
|
5.5 |
MEDIUM
Local
|
-
|
-
|
Microsoft Defender for Endpoint for Linux Spoofing Vulnerability
|
CWE-23
Relative Path Traversal
|
CVE-2024-43614
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
669
|
6.9 |
MEDIUM
Network
|
-
|
-
|
Power BI Report Server Spoofing Vulnerability
|
CWE-79
Cross-site Scripting
|
CVE-2024-43612
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
670
|
8.8 |
HIGH
Network
|
-
|
-
|
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
|
CWE-20 CWE-122
Improper Input Validation Heap-based Buffer Overflow
|
CVE-2024-43611
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|