1781
|
6.5 |
MEDIUM
Network
|
opendaylight
|
model-driven_service_abstraction_layer
|
In OpenDaylight Model-Driven Service Abstraction Layer (MD-SAL) through 13.0.1, a controller with a follower role can configure flow entries in an OpenDaylight clustering deployment.
|
NVD-CWE-noinfo
|
CVE-2024-46942
|
2024-09-26 03:08 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1782
|
5.4 |
MEDIUM
Network
|
workdo
|
crmgo_saas
|
A vulnerability classified as problematic was found in CodeCanyon CRMGo SaaS 7.2. This vulnerability affects unknown code of the file /deal/{note_id}/note. The manipulation of the argument notes lead…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9030
|
2024-09-26 03:01 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1783
|
9.8 |
CRITICAL
Network
cellopoint
|
secure_email_gateway
|
Secure Email Gateway from Cellopoint has Buffer Overflow Vulnerability in authentication process. Remote unauthenticated attackers can send crafted packets to crash the process, thereby bypassing aut…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-9043
|
2024-09-26 02:54 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1784
|
9.8 |
CRITICAL
Network
medialibs
|
webo-facto
|
The Webo-facto plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.40 due to insufficient restriction on the 'doSsoAuthentification' function. This makes it…
|
NVD-CWE-noinfo
|
CVE-2024-8853
|
2024-09-26 02:49 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1785
|
9.8 |
CRITICAL
Network
gematik
|
reference_validator
|
The reference validator is a tool to perform advanced validation of FHIR resources for TI applications and interoperability standards. The profile location routine in the referencevalidator commons p…
|
CWE-611
XXE
|
CVE-2024-46984
|
2024-09-26 02:49 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1786
|
9.8 |
CRITICAL
Network
code-projects
|
crud_operation_system
|
A vulnerability, which was classified as critical, was found in code-projects Crud Operation System 1.0. Affected is an unknown function of the file updata.php. The manipulation of the argument sid l…
|
CWE-89
SQL Injection
|
CVE-2024-9011
|
2024-09-26 02:48 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1787
|
9.8 |
CRITICAL
Network
fabianros
|
online_quiz_site
|
A vulnerability, which was classified as critical, has been found in code-projects Online Quiz Site 1.0. This issue affects some unknown processing of the file showtest.php. The manipulation of the a…
|
CWE-89
SQL Injection
|
CVE-2024-9009
|
2024-09-26 02:46 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1788
|
9.8 |
CRITICAL
Network
antfin
|
sofa-hessian
|
sofa-hessian is an internal improved version of Hessian3/4 powered by Ant Group CO., Ltd. The SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous cla…
|
NVD-CWE-noinfo
|
CVE-2024-46983
|
2024-09-26 02:46 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1789
|
7.5 |
HIGH
Network
traefik
|
traefik
|
Traefik is a golang, Cloud Native Application Proxy. When a HTTP request is processed by Traefik, certain HTTP headers such as X-Forwarded-Host or X-Forwarded-Port are added by Traefik before the req…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2024-45410
|
2024-09-26 02:39 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1790
|
7.5 |
HIGH
Network
f-secure
|
linux_protection linux_security_64 atlant client_security elements_endpoint_protection email_and_server_security server_security
|
Certain WithSecure products allow Denial of Service in the aeelf component. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSec…
|
NVD-CWE-noinfo
|
CVE-2023-43765
|
2024-09-26 02:35 |
2023-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|