631
|
- |
|
-
|
-
|
Insertion of Sensitive Information into Log File vulnerability in Oceanic Software ValeApp allows Query System for Information.This issue affects ValeApp: before v2.0.0.
Update
|
-
|
CVE-2024-8609
|
2024-09-30 21:45 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
632
|
- |
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Oceanic Software ValeApp allows Stored XSS.This issue affects ValeApp: before v2.0.0.
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8608
|
2024-09-30 21:45 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
633
|
- |
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Oceanic Software ValeApp allows SQL Injection.This issue affects ValeApp: before v2.0.0.
Update
|
CWE-89
SQL Injection
|
CVE-2024-8607
|
2024-09-30 21:45 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
634
|
- |
|
-
|
-
|
A vulnerability, which was classified as critical, has been found in HuankeMao SCRM up to 0.0.3. Affected by this issue is the function upload_domain_verification_file of the file WxkConfig.php of th…
Update
|
-
|
CVE-2024-9278
|
2024-09-30 21:45 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
635
|
- |
|
-
|
-
|
A vulnerability classified as problematic was found in Langflow up to 1.0.18. Affected by this vulnerability is an unknown functionality of the file \src\backend\base\langflow\interface\utils.py of t…
Update
|
CWE-1333
Inefficient Regular Expression Complexity
|
CVE-2024-9277
|
2024-09-30 21:45 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
636
|
- |
|
-
|
-
|
A vulnerability classified as problematic has been found in TMsoft MyAuth Gateway 3. Affected is an unknown function of the file /index.php. The manipulation of the argument console/nocache/cmd leads…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9276
|
2024-09-30 21:45 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
637
|
- |
|
-
|
-
|
A vulnerability was found in jeanmarc77 123solar up to 1.8.4.5. It has been rated as critical. This issue affects some unknown processing of the file /admin/admin_invt2.php. The manipulation of the a…
Update
|
CWE-73
External Control of File Name or Path
|
CVE-2024-9275
|
2024-09-30 21:45 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
638
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info()
Instead of doing a BUG_ON() handle the error by return…
Update
|
NVD-CWE-Other
|
CVE-2024-46751
|
2024-09-30 21:45 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
639
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
spi: intel: Add check devm_kasprintf() returned value
intel_spi_populate_chip() use devm_kasprintf() to set pdata->name.
This can…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46769
|
2024-09-30 21:44 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
640
|
6.1 |
MEDIUM
Network
|
wp-unit
|
share_this_image
|
The ILLID Share This Image plugin before 1.04 for WordPress has XSS via the sharer.php url parameter.
Update
|
CWE-79
Cross-site Scripting
|
CVE-2017-18015
|
2024-09-30 20:28 |
2018-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|