2081
|
3.9 |
LOW
Physics
|
redhat opensc_project
|
enterprise_linux opensc
|
A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When …
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-45620
|
2024-09-20 04:21 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2082
|
6.5 |
MEDIUM
Network
|
eaton
|
foreseer_electrical_power_monitoring_system
|
The Eaton Foreseer software provides multiple customizable input fields for the users to configure parameters in the tool like alarms, reports, etc. Some of these input fields were not checking the l…
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2024-31416
|
2024-09-20 04:06 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2083
|
6.1 |
MEDIUM
Network
|
spiffyplugins
|
spiffy_calendar
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Spiffy Plugins Spiffy Calendar allows Reflected XSS.This issue affects Spiffy Calendar: fr…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45458
|
2024-09-20 03:55 |
2024-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2084
|
4.8 |
MEDIUM
Network
|
joomunited
|
wp_meta_seo
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in JoomUnited WP Meta SEO allows Stored XSS.This issue affects WP Meta SEO: from n/a through …
|
CWE-79
Cross-site Scripting
|
CVE-2024-45455
|
2024-09-20 03:51 |
2024-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2085
|
8.1 |
HIGH
Network
|
eaton
|
foreseer_electrical_power_monitoring_system
|
The Eaton Foreseer software provides the feasibility for the user to configure external servers for multiple purposes such as network management, user management, etc. The software uses encryption to…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2024-31415
|
2024-09-20 03:50 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2086
|
6.1 |
MEDIUM
Network
|
eaton
|
foreseer_electrical_power_monitoring_system
|
The Eaton Foreseer software provides users the capability to customize the dashboard in WebView pages. However, the input fields for this feature in the Eaton Foreseer software lacked proper input sa…
|
CWE-79
Cross-site Scripting
|
CVE-2024-31414
|
2024-09-20 03:48 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2087
|
5.4 |
MEDIUM
Network
|
joomunited
|
wp_meta_seo
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in JoomUnited WP Meta SEO allows Stored XSS.This issue affects WP Meta SEO: from n/a through …
|
CWE-79
Cross-site Scripting
|
CVE-2024-45456
|
2024-09-20 03:38 |
2024-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2088
|
8.1 |
HIGH
Network
|
lunary
|
lunary
|
A Cross-Site Request Forgery (CSRF) vulnerability exists in lunary-ai/lunary version 1.2.34 due to overly permissive CORS settings. This vulnerability allows an attacker to sign up for and create pro…
|
CWE-352
Origin Validation Error
|
CVE-2024-6862
|
2024-09-20 03:37 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2089
|
5.3 |
MEDIUM
Network
mediawiki
|
mediawiki
|
An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It does not check for the anti-CSRF edit token in Spe…
|
NVD-CWE-noinfo
|
CVE-2023-45374
|
2024-09-20 03:35 |
2023-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2090
|
5.3 |
MEDIUM
Network
mediawiki
|
mediawiki
|
An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. During item merging, ItemMergeInteractor does not have a…
|
NVD-CWE-noinfo
|
CVE-2023-45372
|
2024-09-20 03:35 |
2023-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|