1441
|
9.8 |
CRITICAL
Network
soplanning
|
soplanning
|
A unauthenticated SQL Injection has been found in the SO Planning tool that occurs when the public view setting is enabled. An attacker could use this vulnerability to gain access to the underlying d…
|
CWE-89
SQL Injection
|
CVE-2024-27112
|
2024-09-19 03:42 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1442
|
9.8 |
CRITICAL
Network
agpt
|
autogpt
|
A vulnerability in significant-gravitas/autogpt version 0.5.1 allows an attacker to bypass the shell commands denylist settings. The issue arises when the denylist is configured to block specific com…
|
CWE-78
OS Command
|
CVE-2024-6091
|
2024-09-19 03:41 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1443
|
9.8 |
CRITICAL
Network
reedos
|
aim-star
|
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to missing restrictions for excessive failed authentication attempts on its API based login. A remote attacker could exploit this vulner…
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2024-45790
|
2024-09-19 03:38 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1444
|
7.5 |
HIGH
Network
juniper
|
junos
|
An Improper Handling of Inconsistent Special Elements vulnerability in the Junos Services Framework (jsf) module of Juniper Networks Junos OS allows an unauthenticated network based attacker to caus…
|
NVD-CWE-Other
|
CVE-2023-36843
|
2024-09-19 03:35 |
2023-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1445
|
7.5 |
HIGH
Network
huawei
|
harmonyos emui
|
Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart.
|
CWE-843
Type Confusion
|
CVE-2023-44108
|
2024-09-19 03:35 |
2023-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1446
|
7.5 |
HIGH
Network
pxlrbt
|
filament_excel
|
Filament Excel enables excel export for Filament admin resources. The export download route `/filament-excel/{path}` allowed downloading any file without login when the webserver allows `../` in the …
|
CWE-22
Path Traversal
|
CVE-2024-42485
|
2024-09-19 03:31 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1447
|
6.5 |
MEDIUM
Network
|
ankiweb
|
anki
|
An vulnerability in the handling of Latex exists in Ankitects Anki 24.04. When Latex is sanitized to prevent unsafe commands, the verbatim package, which comes installed by default in many Latex dist…
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2024-29073
|
2024-09-19 03:31 |
2024-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1448
|
6.5 |
MEDIUM
Adjacent
|
zyxel
|
gs1900-48hpv2_firmware gs1900-48_firmware gs1900-24hpv2_firmware gs1900-24ep_firmware gs1900-24e_firmware gs1900-24_firmware gs1900-16_firmware gs1900-10hp_firmware gs1900-8hp…
|
An insufficient entropy vulnerability caused by the improper use of a randomness function with low entropy for web authentication tokens generation exists in the Zyxel GS1900-10HP firmware version V2…
|
CWE-331
Insufficient Entropy
|
CVE-2024-38270
|
2024-09-19 03:23 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1449
|
6.5 |
MEDIUM
Network
|
reedos
|
aim-star
|
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to transmission of sensitive information in plain text in certain API endpoints. An authenticated remote attacker could exploit this vul…
|
NVD-CWE-Other
|
CVE-2024-45787
|
2024-09-19 03:15 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1450
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
pmdomain: ti: Add a null pointer check to the omap_prm_domain_init
devm_kasprintf() returns a pointer to dynamically allocated me…
|
-
|
CVE-2024-35943
|
2024-09-19 03:15 |
2024-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|