11
|
5.3 |
MEDIUM
Local
|
gnu redhat
|
cpio enterprise_linux
|
A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote unauthenticated attacker to trick a user into opening a specially crafted archive. During the extraction …
Update
|
CWE-22
Path Traversal
|
CVE-2023-7216
|
2024-09-19 15:15 |
2024-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
12
|
- |
|
-
|
-
|
langchain_experimental (aka LangChain Experimental) 0.1.17 through 0.3.0 for LangChain allows attackers to execute arbitrary code through sympy.sympify (which uses eval) in LLMSymbolicMathChain. LLMS…
New
|
-
|
CVE-2024-46946
|
2024-09-19 14:15 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
13
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email' parameter when a placeholder such as {email} is used for the field in versions …
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-8850
|
2024-09-19 13:15 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
14
|
- |
|
-
|
-
|
The WP Custom Fields Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpcfs-preset shortcode in all versions up to, and including, 1.2.35 due to insufficient …
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-8364
|
2024-09-19 13:15 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
15
|
5.3 |
MEDIUM
Network
-
|
-
|
The Limit Login Attempts Plus plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1.0. This is due to insufficient restrictions on where the IP Address infor…
New
|
-
|
CVE-2022-4533
|
2024-09-19 13:15 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
16
|
- |
|
-
|
-
|
Victure PC420 1.1.39 was discovered to contain a hardcoded root password which is stored in plaintext.
New
|
-
|
CVE-2023-41610
|
2024-09-19 11:35 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
17
|
- |
|
-
|
-
|
Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise manager service account.
Update
|
-
|
CVE-2024-29851
|
2024-09-19 11:35 |
2024-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
18
|
5.5 |
MEDIUM
Local
|
justdan96
|
tsmuxer
|
A memory leak in tsMuxer version git-2539d07 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
Update
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2023-45511
|
2024-09-19 11:35 |
2023-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
19
|
- |
|
-
|
-
|
A flaw was found in openshift/builder. This vulnerability allows command injection via path traversal, where a malicious user can execute arbitrary commands on the OpenShift node running the builder …
New
|
CWE-250
Execution with Unnecessary Privileges
|
CVE-2024-7387
|
2024-09-19 11:15 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
20
|
- |
|
-
|
-
|
A flaw was found in OpenShift. This issue occurs due to the misuse of elevated privileges in the OpenShift Container Platform's build process. During the build initialization step, the git-clone cont…
New
|
CWE-269
Improper Privilege Management
|
CVE-2024-45496
|
2024-09-19 11:15 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|