|
921
|
6.5 |
MEDIUM
Network
|
microsoft
|
windows_server_2008
windows_server_2012
windows_server_2025
windows_10_1809
windows_server_2019
windows_server_2022
windows_10_21h2
windows_11_22h2
windows_10_22h2
windows_…
|
NTLM Hash Disclosure Spoofing Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-43451
|
2024-11-15 00:24 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
922
|
9.8 |
CRITICAL
Network
codezips
|
hospital_appointment_system
|
A vulnerability has been found in Codezips Hospital Appointment System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /removeBranchResult.php. …
Update
|
CWE-89
SQL Injection
|
CVE-2024-11057
|
2024-11-15 00:23 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
923
|
7.1 |
HIGH
Local
|
sap
|
host_agent
|
An attacker who gains local membership to sapsys group could replace local files usually protected by privileged access. On successful exploitation the attacker could cause high impact on confidentia…
Update
|
NVD-CWE-noinfo
|
CVE-2024-47595
|
2024-11-15 00:21 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
924
|
8.8 |
HIGH
Network
|
tenda
|
ac10_firmware
|
A vulnerability, which was classified as critical, was found in Tenda AC10 16.03.10.13. Affected is the function FUN_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk…
Update
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2024-11056
|
2024-11-15 00:21 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
925
|
8.8 |
HIGH
Local
|
microsoft
|
windows_server_2025
windows_10_1809
windows_server_2019
windows_server_2022
windows_10_21h2
windows_11_22h2
windows_10_22h2
windows_11_23h2
windows_server_2022_23h2
windows…
|
Windows Task Scheduler Elevation of Privilege Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-49039
|
2024-11-15 00:20 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
926
|
9.8 |
CRITICAL
Network
1000projects
|
beauty_parlour_management_system
|
A vulnerability, which was classified as critical, has been found in 1000 Projects Beauty Parlour Management System 1.0. This issue affects some unknown processing of the file /admin/admin-profile.ph…
Update
|
CWE-89
SQL Injection
|
CVE-2024-11055
|
2024-11-15 00:18 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
927
|
6.1 |
MEDIUM
Network
|
10web
|
form_maker
|
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate esc…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-10265
|
2024-11-15 00:17 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
928
|
5.5 |
MEDIUM
Local
|
razormist
|
student_record_management_system
|
A vulnerability has been found in SourceCodester Student Record Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the component Main Menu. The manipulati…
Update
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2024-11097
|
2024-11-15 00:14 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
929
|
6.1 |
MEDIUM
Network
|
opensuse
|
mirrorcache
|
A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in openSUSE Tumbleweed MirrorCache allows the execution of arbitrary JS via reflected XSS in the …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-49505
|
2024-11-15 00:13 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
930
|
9.8 |
CRITICAL
Network
dotnetzip.semverd_project
|
dotnetzip.semverd
|
Directory Traversal vulnerability in DotNetZip v.1.16.0 and before allows a remote attacker to execute arbitrary code via the src/Zip.Shared/ZipEntry.Extract.cs component NOTE: This vulnerability onl…
Update
|
CWE-22
Path Traversal
|
CVE-2024-48510
|
2024-11-15 00:04 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
