1711
|
8.8 |
HIGH
Network
|
mindsdb
|
mindsdb
|
An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases crea…
|
CWE-94
Code Injection
|
CVE-2024-45850
|
2024-09-17 02:35 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1712
|
8.8 |
HIGH
Network
|
mindsdb
|
mindsdb
|
An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases crea…
|
CWE-94
Code Injection
|
CVE-2024-45849
|
2024-09-17 02:34 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1713
|
8.8 |
HIGH
Network
|
mindsdb
|
mindsdb
|
An arbitrary code execution vulnerability exists in versions 23.12.4.0 up to 24.7.4.1 of the MindsDB platform, when the ChromaDB integration is installed on the server. If a specially crafted ‘INSERT…
|
CWE-94
Code Injection
|
CVE-2024-45848
|
2024-09-17 02:33 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1714
|
8.8 |
HIGH
Network
|
mindsdb
|
mindsdb
|
An arbitrary code execution vulnerability exists in versions 23.11.4.2 up to 24.7.4.1 of the MindsDB platform, when one of several integrations is installed on the server. If a specially crafted ‘UPD…
|
CWE-94
Code Injection
|
CVE-2024-45847
|
2024-09-17 02:31 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1715
|
8.8 |
HIGH
Network
|
mindsdb
|
mindsdb
|
An arbitrary code execution vulnerability exists in versions 23.10.3.0 up to 24.7.4.1 of the MindsDB platform, when the Weaviate integration is installed on the server. If a specially crafted ‘SELECT…
|
CWE-94
Code Injection
|
CVE-2024-45846
|
2024-09-17 02:30 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1716
|
5.4 |
MEDIUM
Network
|
rocket.chat
|
rocket.chat
|
The Electron desktop application of Rocket.Chat through 6.3.4 allows stored XSS via links in an uploaded file, related to failure to use a separate browser upon encountering third-party external acti…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45621
|
2024-09-17 02:28 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1717
|
5.4 |
MEDIUM
Network
|
elabftw
|
elabftw
|
eLabFTW is an open source electronic lab notebook for research labs. By uploading specially crafted files, a regular user can create a circumstance where a visitor's browser runs arbitrary JavaScript…
|
CWE-79
Cross-site Scripting
|
CVE-2024-28100
|
2024-09-17 02:28 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1718
|
- |
|
-
|
-
|
Improper access control in Intel(R) RAID Web Console software all versions may allow an authenticated user to potentially enable denial of service via adjacent access.
|
CWE-284
Improper Access Control
|
CVE-2024-36261
|
2024-09-17 02:16 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1719
|
- |
|
-
|
-
|
Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user to potentially enable denial of service via adjacent access.
|
CWE-284
Improper Access Control
|
CVE-2024-36247
|
2024-09-17 02:16 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1720
|
- |
|
-
|
-
|
Improper input validation in some Intel(R) RAID Web Console software all versions may allow an authenticated user to potentially enable information disclosure via adjacent access.
|
-
|
CVE-2024-34545
|
2024-09-17 02:16 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|