1811
|
6.1 |
MEDIUM
Network
|
jetbrains
|
intellij_idea
|
In JetBrains IntelliJ IDEA before 2024.1 hTML injection via the project name was possible
|
CWE-79
Cross-site Scripting
|
CVE-2024-46970
|
2024-09-20 22:23 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1812
|
5.0 |
MEDIUM
Network
|
nozominetworks
|
cmc guardian
|
An access control vulnerability was discovered in the Reports section due to a specific access restriction not being properly enforced for users with limited privileges.
If a logged-in user with r…
|
CWE-863
Incorrect Authorization
|
CVE-2024-4465
|
2024-09-20 22:15 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1813
|
6.5 |
MEDIUM
Network
|
mintplexlabs
|
anythingllm
|
mintplex-labs/anything-llm is affected by an uncontrolled resource consumption vulnerability in its upload file endpoint, leading to a denial of service (DOS) condition. Specifically, the server can …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-3153
|
2024-09-20 22:15 |
2024-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1814
|
- |
|
-
|
-
|
A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian, caused by improper input validation in certain fields used in the Radius parsing functionality of our IDS, allows an unauthenticat…
|
-
|
CVE-2024-0218
|
2024-09-20 22:15 |
2024-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1815
|
9.8 |
CRITICAL
Network
artistscope
|
artisbrowser
|
An issue in ArtistScope ArtisBrowser v.34.1.5 and before allows an attacker to bypass intended access restrictions via interaction with the com.artis.browser.IntentReceiverActivity component. NOTE: t…
|
CWE-94
Code Injection
|
CVE-2023-49000
|
2024-09-20 22:15 |
2023-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1816
|
6.5 |
MEDIUM
Network
|
nozominetworks
|
cmc guardian
|
A SQL Injection vulnerability has been found in Nozomi Networks Guardian and CMC, due to improper input validation in certain parameters used in the Query functionality.
Authenticated users may be ab…
|
CWE-89
SQL Injection
|
CVE-2023-2567
|
2024-09-20 22:15 |
2023-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1817
|
7.0 |
HIGH
Local
|
nozominetworks
|
cmc guardian
|
In certain conditions, depending on timing and the usage of the Chrome web browser, Guardian/CMC versions before 22.6.2 do not always completely invalidate the user session upon logout. Thus an authe…
|
CWE-384
Session Fixation
|
CVE-2023-24477
|
2024-09-20 22:15 |
2023-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1818
|
5.5 |
MEDIUM
Local
|
samsung
|
exynos_980_firmware exynos_850_firmware exynos_1080_firmware exynos_1280_firmware exynos_1380_firmware exynos_1330_firmware exynos_1480_firmware exynos_w920_firmware exynos_w9…
|
An issue was discovered in Samsung Mobile Processor Exynos Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_b…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-27365
|
2024-09-20 22:09 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1819
|
7.2 |
HIGH
Network
|
mailcow
|
mailcow\
|
mailcow: dockerized is an open source groupware/email suite based on docker. A vulnerability has been discovered in the two-factor authentication (2FA) mechanism. This flaw allows an authenticated at…
|
NVD-CWE-noinfo
|
CVE-2024-41958
|
2024-09-20 21:58 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1820
|
8.8 |
HIGH
Network
|
nuxt
|
nuxt
|
Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. Nuxt Devtools is missing authentication on the `getTextAssetContent` RPC function which is vul…
|
CWE-22
Path Traversal
|
CVE-2024-23657
|
2024-09-20 21:49 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|