1511
|
9.6 |
CRITICAL
Network
|
cocoapods
|
trunk.cocoapods.org
|
trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager. Prior to commit d4fa66f49cedab449af9a56a21ab40697b9f7b97, the trunk sessions verification step could be manipul…
|
NVD-CWE-Other
|
CVE-2024-38367
|
2024-09-19 00:16 |
2024-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1512
|
3.7 |
LOW
Network
|
oracle netapp
|
java_jre java_jdk graalvm oncommand_workflow_automation
|
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf,…
|
NVD-CWE-noinfo
|
CVE-2024-21144
|
2024-09-19 00:15 |
2024-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1513
|
9.8 |
CRITICAL
Network
oneflow
|
oneflow
|
An issue in the oneflow.permute component of OneFlow-Inc. Oneflow v0.9.1 causes an incorrect calculation when the same dimension operation is performed.
|
CWE-682
Incorrect Calculation
|
CVE-2024-36736
|
2024-09-19 00:06 |
2024-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1514
|
8.1 |
HIGH
Network
|
microsoft
|
windows_server_2019 windows_server_2022 windows_server_2022_23h2 windows_11_24h2 windows_10_22h2 windows_11_23h2 windows_11_22h2 windows_11_21h2 windows_10_1809 windows_10_…
|
Windows TCP/IP Remote Code Execution Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-38045
|
2024-09-19 00:04 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1515
|
8.8 |
HIGH
Network
|
microsoft
|
sharepoint_server
|
Microsoft SharePoint Server Remote Code Execution Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-38018
|
2024-09-19 00:04 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1516
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10_1507 windows_server_2019 windows_server_2022 windows_server_2022_23h2 windows_11_24h2 windows_10_1607 windows_server_2016 windows_10_22h2 windows_11_23h2 windows…
|
PowerShell Elevation of Privilege Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-38046
|
2024-09-19 00:02 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1517
|
6.1 |
MEDIUM
Network
|
discourse
|
discourse
|
Discourse is an open-source discussion platform. Prior to version 3.2.3 on the `stable` branch and version 3.3.0.beta3 on the `tests-passed` branch, an attacker can execute arbitrary JavaScript on us…
|
CWE-79
Cross-site Scripting
|
CVE-2024-35234
|
2024-09-18 23:47 |
2024-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1518
|
6.5 |
MEDIUM
Network
|
discourse
|
discourse
|
Discourse is an open-source discussion platform. Prior to version 3.2.3 on the `stable` branch, version 3.3.0.beta3 on the `beta` branch, and version 3.3.0.beta4-dev on the `tests-passed` branch, a r…
|
CWE-862
Missing Authorization
|
CVE-2024-36113
|
2024-09-18 23:44 |
2024-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1519
|
6.1 |
MEDIUM
Network
|
hitachi
|
business_analytics_server
|
Hitachi Vantara Pentaho Business Analytics Server prior to versions 10.1.0.0 and 9.3.0.7, including 8.3.x allow a malicious URL to inject content into the Analyzer plugin interface.
|
CWE-79
Cross-site Scripting
|
CVE-2024-28983
|
2024-09-18 23:36 |
2024-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1520
|
8.2 |
HIGH
Network
hitachi
|
pentaho_business_analytics_server
|
Hitachi Vantara Pentaho Business Analytics Server versions before 10.1.0.0 and 9.3.0.7, including 8.3.x do not correctly protect the ACL service endpoint of the Pentaho User Console against XML Exter…
|
CWE-776
XML Entity Expansion
|
CVE-2024-28982
|
2024-09-18 23:36 |
2024-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|