1431
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered with pipeline execution policies in GitLab EE affecting all versions from 17.2 prior to 17.2.5, 17.3 prior to 17.3.2 which allows authenticated users to bypass variable overwr…
|
NVD-CWE-noinfo
|
CVE-2024-8311
|
2024-09-19 04:12 |
2024-09-13 |
|
|
1432
|
6.1 |
MEDIUM
Network
|
mayurik
|
best_house_rental_management_system
|
A vulnerability was found in SourceCodester Best House Rental Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file categories.php. The manip…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8708
|
2024-09-19 04:11 |
2024-09-12 |
|
|
1433
|
6.5 |
MEDIUM
Network
|
microsoft
|
edge
|
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-38222
|
2024-09-19 04:01 |
2024-09-12 |
|
|
1434
|
7.3 |
HIGH
Local
|
cisco
|
meraki_systems_manager
|
A vulnerability in Cisco Meraki Systems Manager (SM) Agent for Windows could allow an authenticated, local attacker to execute arbitrary code with elevated privileges.
This vulnerability is …
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-20430
|
2024-09-19 03:56 |
2024-09-13 |
|
|
1435
|
8.8 |
HIGH
Network
|
owasp
|
defectdojo
|
An issue in OWASP DefectDojo before v.1.5.3.1 allows a remote attacker to escalate privileges via the user permissions component.
|
NVD-CWE-Other
|
CVE-2023-48171
|
2024-09-19 03:54 |
2024-08-13 |
|
|
1436
|
7.5 |
HIGH
Network
emqx
|
nanomq
|
An invalid read size in Nanomq v0.21.9 allows attackers to cause a Denial of Service (DoS).
|
NVD-CWE-noinfo
|
CVE-2024-44460
|
2024-09-19 03:53 |
2024-09-13 |
|
|
|
1437
|
7.5 |
HIGH
Network
octavolabs
|
vernemq
|
A memory allocation issue in vernemq v2.0.1 allows attackers to cause a Denial of Service (DoS) via excessive memory consumption.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-44459
|
2024-09-19 03:53 |
2024-09-13 |
|
|
|
1438
|
7.5 |
HIGH
Network
i-doit
|
i-doit
|
SQL injection vulnerability in idoit pro version 28. This vulnerability could allow an attacker to send a specially crafted query to the ID parameter in /var/www/html/src/classes/modules/api/model/cm…
|
CWE-89
SQL Injection
|
CVE-2024-8749
|
2024-09-19 03:53 |
2024-09-12 |
|
|
|
1439
|
8.8 |
HIGH
Network
|
sir
|
gnuboard
|
Gnuboard g6 6.0.7 is vulnerable to Session hijacking due to a CORS misconfiguration.
|
CWE-346
Origin Validation Error
|
CVE-2024-41475
|
2024-09-19 03:51 |
2024-08-13 |
|
|
1440
|
9.8 |
CRITICAL
Network
soplanning
|
soplanning
|
An unauthenticated Insecure Direct Object Reference (IDOR) to the database has been found in the SO Planning tool that occurs when the public view setting is enabled. An attacker could use this vulne…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-27113
|
2024-09-19 03:43 |
2024-09-11 |
|
|
|