2311
|
7.5 |
HIGH
Network
|
drupal
|
drupal
|
In certain scenarios, Drupal's JSON:API module will output error backtraces. With some configurations, this may cause sensitive information to be cached and made available to anonymous users, leading…
|
NVD-CWE-noinfo
|
CVE-2023-5256
|
2024-09-24 04:35 |
2023-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2312
|
4.8 |
MEDIUM
Network
|
ritecms
|
ritecms
|
Rite CMS 3.0 has a Cross-Site scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload into the Global Content Blocks in the Administration Menu.
|
CWE-79
Cross-site Scripting
|
CVE-2023-43879
|
2024-09-24 04:35 |
2023-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2313
|
5.3 |
MEDIUM
Network
oracle
|
access_manager
|
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerabili…
|
NVD-CWE-noinfo
|
CVE-2022-39405
|
2024-09-24 04:35 |
2022-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2314
|
6.4 |
MEDIUM
Network
|
oracle
|
banking_trade_finance
|
Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit v…
|
NVD-CWE-noinfo
|
CVE-2022-21586
|
2024-09-24 04:35 |
2022-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2315
|
5.3 |
MEDIUM
Network
contao
|
contao
|
Contao is an Open Source CMS. In affected versions an untrusted user can inject insert tags into the canonical tag, which are then replaced on the web page (front end). Users are advised to update to…
|
CWE-74
Injection
|
CVE-2024-45612
|
2024-09-24 04:33 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2316
|
6.1 |
MEDIUM
Local
|
apple
|
macos iphone_os ipados
|
A privacy issue was addressed with improved handling of files. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An unencrypted document may be written to a temporary file when using pri…
|
NVD-CWE-noinfo
|
CVE-2024-40826
|
2024-09-24 04:25 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2317
|
3.3 |
LOW
Local
|
apple
|
iphone_os ipados
|
This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to enumerate a user's installed apps.
|
NVD-CWE-noinfo
|
CVE-2024-40830
|
2024-09-24 04:19 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2318
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access a user's Photos Library.
|
CWE-281
Improper Preservation of Permissions
|
CVE-2024-40831
|
2024-09-24 04:18 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2319
|
- |
|
-
|
-
|
An issue was discovered in Samsung Semiconductor Mobile Processor and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 13…
|
-
|
CVE-2024-25074
|
2024-09-24 04:15 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2320
|
- |
|
-
|
-
|
An issue was discovered in Samsung Semiconductor Mobile Processor and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 13…
|
-
|
CVE-2024-25073
|
2024-09-24 04:15 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|