301
|
8.1 |
HIGH
Network
|
fortinet
|
forticlient
|
AAn improper certificate validation vulnerability [CWE-295] in FortiClientWindows 7.2.0 through 7.2.2, 7.0.0 through 7.0.11, FortiClientLinux 7.2.0, 7.0.0 through 7.0.11 and FortiClientMac 7.0.0 thr…
|
CWE-295
Improper Certificate Validation
|
CVE-2024-31489
|
2024-09-21 04:41 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
302
|
- |
|
-
|
-
|
The Versa Director offers REST APIs for orchestration and management. By design, certain APIs, such as the login screen, banner display, and device registration, do not require authentication. Howeve…
|
-
|
CVE-2024-45229
|
2024-09-21 04:35 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
303
|
7.8 |
HIGH
Local
|
sonicwall
|
netextender
|
A local privilege escalation vulnerability in SonicWall Net Extender MSI client for Windows 10.2.336 and earlier versions allows a local low-privileged user to gain system privileges through running…
|
NVD-CWE-noinfo
|
CVE-2023-44217
|
2024-09-21 04:35 |
2023-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
304
|
9.8 |
CRITICAL
Network
sandhillsdev
|
easy_digital_downloads
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Easy Digital Downloads allows SQL Injection.This issue affects Easy Digital Downloads: from n/a t…
|
CWE-89
SQL Injection
|
CVE-2024-5057
|
2024-09-21 04:31 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
305
|
5.3 |
MEDIUM
Network
conduit
|
conduit
|
Incomplete cleanup when performing redactions in Conduit, allowing an attacker to check whether certain strings were present in the PDU before redaction
|
CWE-459
Incomplete Cleanup
|
CVE-2024-6300
|
2024-09-21 04:28 |
2024-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
306
|
3.7 |
LOW
Network
|
conduit
|
conduit
|
Lack of consideration of key expiry when validating signatures in Conduit, allowing an attacker which has compromised an expired key to forge requests as the remote server, as well as PDUs with times…
|
NVD-CWE-Other
|
CVE-2024-6299
|
2024-09-21 04:24 |
2024-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
307
|
3.7 |
LOW
Network
|
spa-cart
|
spa-cartcms
|
A vulnerability, which was classified as problematic, was found in spa-cartcms 1.9.0.6. Affected is an unknown function of the file /login of the component Username Handler. The manipulation of the a…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-6129
|
2024-09-21 04:21 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
308
|
- |
|
-
|
-
|
Navidrome is an open source web-based music collection server and streamer. Navidrome automatically adds parameters in the URL to SQL queries. This can be exploited to access information by adding pa…
|
CWE-89
SQL Injection
|
CVE-2024-47062
|
2024-09-21 04:15 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
309
|
- |
|
-
|
-
|
Plate is a javascript toolkit that makes it easier for you to develop with Slate, a popular framework for building text editors. One longstanding feature of Plate is the ability to add custom DOM att…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47061
|
2024-09-21 04:15 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
310
|
- |
|
-
|
-
|
Galaxy is a free, open-source system for analyzing data, authoring workflows, training and education, publishing tools, managing infrastructure, and more. An attacker can potentially replace the cont…
|
CWE-200
Information Exposure
|
CVE-2024-42351
|
2024-09-21 04:15 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|