1561
|
7.8 |
HIGH
Local
|
gnu fedoraproject redhat debian canonical
|
glibc fedora virtualization_host virtualization enterprise_linux enterprise_linux_server_aus enterprise_linux_server_tus enterprise_linux_eus codeready_linux_builder_for_power…
|
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously craft…
|
CWE-787
Out-of-bounds Write
|
CVE-2023-4911
|
2024-09-18 04:46 |
2023-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1562
|
6.1 |
MEDIUM
Network
|
getwemail
|
wemail
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in weDevs weMail allows Reflected XSS.This issue affects weMail: from n/a through 1.14.5.
|
CWE-79
Cross-site Scripting
|
CVE-2024-43238
|
2024-09-18 04:27 |
2024-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1563
|
5.4 |
MEDIUM
Network
|
labvantage
|
laboratory_information_management_system
|
A vulnerability was found in LabVantage LIMS 2017. It has been rated as problematic. This issue affects some unknown processing of the file /labvantage/rc?command=page of the component POST Request H…
|
CWE-79
Cross-site Scripting
|
CVE-2024-6368
|
2024-09-18 04:22 |
2024-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1564
|
5.4 |
MEDIUM
Network
|
labvantage
|
laboratory_information_management_system
|
A vulnerability classified as problematic has been found in LabVantage LIMS 2017. Affected is an unknown function of the file /labvantage/rc?command=page&sdcid=LV_ReagentLot of the component POST Req…
|
CWE-79
Cross-site Scripting
|
CVE-2024-6369
|
2024-09-18 04:19 |
2024-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1565
|
5.4 |
MEDIUM
Network
|
labvantage
|
laboratory_information_management_system
|
A vulnerability classified as problematic was found in LabVantage LIMS 2017. Affected by this vulnerability is an unknown functionality of the file /labvantage/rc?command=file&file=WEB-OPAL/pagetypes…
|
CWE-79
Cross-site Scripting
|
CVE-2024-6370
|
2024-09-18 04:17 |
2024-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1566
|
6.5 |
MEDIUM
Network
|
mozilla
|
firefox firefox_esr thunderbird
|
ANGLE failed to initialize parameters which lead to reading from uninitialized memory. This could be leveraged to leak sensitive data from memory. This vulnerability affects Firefox < 129, Firefox ES…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-7526
|
2024-09-18 04:15 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1567
|
6.3 |
MEDIUM
Network
|
hushline
|
hush_line
|
Hush Line is a free and open-source, anonymous-tip-line-as-a-service for organizations or individuals. The CSP policy applied on the `tips.hushline.app` website and bundled by default in this reposit…
|
CWE-697
Incorrect Comparison
|
CVE-2024-38522
|
2024-09-18 04:06 |
2024-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1568
|
6.1 |
MEDIUM
Network
|
hushline
|
hush_line
|
Hush Line is a free and open-source, anonymous-tip-line-as-a-service for organizations or individuals. There is a stored XSS in the Inbox. The input is displayed using the `safe` Jinja2 attribute, an…
|
CWE-79
Cross-site Scripting
|
CVE-2024-38521
|
2024-09-18 04:06 |
2024-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1569
|
5.3 |
MEDIUM
Network
jetbrains
|
teamcity
|
In JetBrains TeamCity before 2024.03.3 application token could be exposed in EC2 Cloud Profile settings
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2024-39879
|
2024-09-18 03:57 |
2024-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1570
|
5.3 |
MEDIUM
Network
jetbrains
|
teamcity
|
In JetBrains TeamCity before 2024.03.3 private key could be exposed via testing GitHub App Connection
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2024-39878
|
2024-09-18 03:50 |
2024-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|