431
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Autofill in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
Update
|
NVD-CWE-noinfo
|
CVE-2024-8908
|
2024-09-24 02:59 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
432
|
6.1 |
MEDIUM
Network
|
netcat
|
netcat_content_management_system
|
A vulnerability in NetCat CMS allows an attacker to execute JavaScript code in a user's browser when they visit specific paths on the site.
This issue affects NetCat CMS v. 6.4.0.24126.2 and possibly…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8653
|
2024-09-24 02:55 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
433
|
6.1 |
MEDIUM
Network
|
netcat
|
netcat_content_management_system
|
A vulnerability in NetCat CMS allows an attacker to execute JavaScript code in a user's browser when they visit specific path on the site.
This issue affects NetCat CMS v. 6.4.0.24126.2 and possibly …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8652
|
2024-09-24 02:53 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
434
|
5.3 |
MEDIUM
Network
netcat
|
netcat_content_management_system
|
A vulnerability in NetCat CMS allows an attacker to send a specially crafted http request that can be used to check whether a user exists in the system, which could be a basis for further attacks.
Th…
Update
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-8651
|
2024-09-24 02:51 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
435
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in UI in Google Chrome on iOS prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
Update
|
NVD-CWE-noinfo
|
CVE-2024-8909
|
2024-09-24 02:51 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
436
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Incorrect security UI in Downloads in Google Chrome prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML p…
Update
|
NVD-CWE-noinfo
|
CVE-2024-8906
|
2024-09-24 02:38 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
437
|
- |
|
-
|
-
|
A symlink following vulnerability in the pouch cp function of AliyunContainerService pouch v1.3.1 allows attackers to escalate privileges and write arbitrary files.
New
|
-
|
CVE-2024-41228
|
2024-09-24 02:35 |
2024-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
438
|
- |
|
-
|
-
|
A lack of code signature verification in Parallels Desktop for Mac v19.3.0 and below allows attackers to escalate privileges via a crafted macOS installer, because Parallels Service is setuid root.
New
|
-
|
CVE-2024-34331
|
2024-09-24 02:35 |
2024-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
439
|
- |
|
-
|
-
|
PHPGurukul Dairy Farm Shop Management System v1.1 is vulnerable to Cross-Site Scripting (XSS) via the pname parameter in add_product.php and edit_product.php.
New
|
-
|
CVE-2024-46241
|
2024-09-24 02:35 |
2024-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
440
|
6.1 |
MEDIUM
Network
|
mojoportal
|
mojoportal
|
Cross Site Scripting vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the helpkey parameter in the Help.aspx component.
Update
|
CWE-79
Cross-site Scripting
|
CVE-2023-44012
|
2024-09-24 02:35 |
2023-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|