311
|
- |
|
-
|
-
|
A vulnerability classified as problematic has been found in RelaxedJS ReLaXed up to 0.2.2. Affected is an unknown function of the component Pug to PDF Converter. The manipulation leads to cross site …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9283
|
2024-09-27 23:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
312
|
- |
|
-
|
-
|
The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.0.8 via multiple style paramete…
|
CWE-22
Path Traversal
|
CVE-2024-7149
|
2024-09-27 23:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
313
|
- |
|
-
|
-
|
Ampache is a web based audio/video streaming application and file manager. Prior to version 6.6.0, the Democratic Playlist Name is vulnerable to a stored cross-site scripting. Version 6.6.0 fixes thi…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47184
|
2024-09-27 23:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
314
|
- |
|
-
|
-
|
Dozzle is a realtime log viewer for docker containers. Before version 8.5.3, the app uses sha-256 as the hash for passwords, which leaves users susceptible to rainbow table attacks. The app switches …
|
CWE-328
Use of Weak Hash
|
CVE-2024-47182
|
2024-09-27 23:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
315
|
7.5 |
HIGH
Network
ibm
|
db2
|
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions.
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2023-47152
|
2024-09-27 23:15 |
2024-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
316
|
8.1 |
HIGH
Network
|
ibm
|
cics_transaction_gateway
|
IBM CICS Transaction Gateway 9.3 could allow a user to transfer or view files due to improper access controls.
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2023-47140
|
2024-09-27 23:15 |
2024-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
317
|
7.5 |
HIGH
Network
ibm
|
txseries_for_multiplatform cics_tx
|
IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial …
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2023-33850
|
2024-09-27 23:15 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
318
|
7.8 |
HIGH
Local
|
ibm
|
spectrum_protect_backup-archive_client
|
IBM Spectrum Protect Backup-Archive Client 8.1.0.0 through 8.1.17.2 may allow a local user to escalate their privileges due to improper access controls.
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2023-28956
|
2024-09-27 23:15 |
2023-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
319
|
9.8 |
CRITICAL
Network
purestorage
|
purity\/\/fa
|
A condition exists in FlashArray Purity whereby an attacker can employ a privileged account allowing remote access to the array.
|
NVD-CWE-noinfo
|
CVE-2024-0002
|
2024-09-27 23:13 |
2024-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
320
|
9.8 |
CRITICAL
Network
purestorage
|
purity\/\/fa
|
A condition exists in FlashArray Purity whereby a local account intended for initial array configuration remains active potentially allowing a malicious actor to gain elevated privileges.
|
CWE-1188
Insecure Default Initialization of Resource
|
CVE-2024-0001
|
2024-09-27 23:08 |
2024-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|