|
251
|
5.3 |
MEDIUM
Network
atlassian
|
data_center
jira
jira_server
jira_data_center
|
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to view users' emails via an Information Disclosure vulnerability in the /rest/api/2/search endpoint. The a…
Update
|
NVD-CWE-noinfo
|
CVE-2021-39122
|
2024-10-11 01:35 |
2021-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
252
|
7.8 |
HIGH
Local
|
libcap_project
redhat
fedoraproject
debian
|
libcap
enterprise_linux
fedora
debian_linux
|
A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.
Update
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2023-2603
|
2024-10-11 01:32 |
2023-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253
|
- |
|
-
|
-
|
A vulnerability, which was classified as critical, has been found in Codezips Online Shopping Portal 1.0. This issue affects some unknown processing of the file /update-image1.php. The manipulation o…
New
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-9794
|
2024-10-11 01:15 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254
|
- |
|
-
|
-
|
A vulnerability classified as critical was found in Tenda AC1206 up to 15.03.06.23. This vulnerability affects the function ate_iwpriv_set/ate_ifconfig_set of the file /goform/ate. The manipulation l…
New
|
CWE-77
Command Injection
|
CVE-2024-9793
|
2024-10-11 01:15 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255
|
- |
|
-
|
-
|
pac4j is a security framework for Java. `pac4j-core` prior to version 4.0.0 is affected by a Java deserialization vulnerability. The vulnerability affects systems that store externally controlled val…
New
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2023-25581
|
2024-10-11 01:15 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256
|
4.3 |
MEDIUM
Network
|
nask
|
ezd_rp
|
Incorrect User Management vulnerability in Naukowa i Akademicka Siec Komputerowa - Panstwowy Instytut Badawczy EZD RP allows logged-in user to list all users in the system, including those from other…
Update
|
CWE-863
Incorrect Authorization
|
CVE-2024-7266
|
2024-10-11 01:15 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257
|
8.8 |
HIGH
Network
|
nask
|
ezd_rp
|
Incorrect User Management vulnerability in Naukowa i Akademicka Siec Komputerowa - Panstwowy Instytut Badawczy EZD RP allows logged-in user to change the password of any user, including root user, wh…
Update
|
CWE-863
Incorrect Authorization
|
CVE-2024-7265
|
2024-10-11 01:15 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258
|
7.8 |
HIGH
Local
|
j11g
|
cruddiy
|
The CRUDDIY project is vulnerable to shell command injection via sending a crafted POST request to the application server.
The exploitation risk is limited since CRUDDIY is meant to be launched loca…
Update
|
CWE-78
OS Command
|
CVE-2024-4748
|
2024-10-11 01:15 |
2024-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259
|
- |
|
-
|
-
|
Ant Media Server Community Edition in a default configuration is vulnerable to an improper HTTP header based authorization, leading to a possible use of non-administrative API calls reserved only for…
Update
|
-
|
CVE-2024-3462
|
2024-10-11 01:15 |
2024-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260
|
- |
|
-
|
-
|
Improper access control vulnerability in Apaczka plugin for PrestaShop allows information gathering from saved templates without authentication.This issue affects Apaczka plugin for PrestaShop from v…
Update
|
-
|
CVE-2024-2759
|
2024-10-11 01:15 |
2024-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
