2321
|
9.1 |
CRITICAL
Network
wcms
|
wcms
|
A vulnerability classified as critical was found in vedees wcms up to 0.3.2. Affected by this vulnerability is an unknown functionality of the file /wex/finder.php. The manipulation of the argument p…
|
CWE-22
Path Traversal
|
CVE-2024-8875
|
2024-09-21 07:44 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2322
|
7.5 |
HIGH
Network
smart-hmi
|
webiq
|
The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that allows remote attackers to read any file on the system.
|
CWE-22
Path Traversal
|
CVE-2024-8752
|
2024-09-21 07:42 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2323
|
9.1 |
CRITICAL
Network
nextcloud
|
desktop
|
In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files (between the server and client) may become world writable or world readable. This is fixed in 3.13.4.
|
NVD-CWE-noinfo
|
CVE-2024-46958
|
2024-09-21 07:41 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2324
|
6.5 |
MEDIUM
Network
gitpython_project
|
gitpython
|
GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file bei…
|
CWE-22
Path Traversal
|
CVE-2023-41040
|
2024-09-21 06:15 |
2023-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2325
|
- |
|
-
|
-
|
IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to conduct a man in the middle attack when deploying Open Source scripts due to missing certificate validation…
|
CWE-295
Improper Certificate Validation
|
CVE-2024-31872
|
2024-09-21 05:15 |
2024-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2326
|
7.8 |
HIGH
Local
|
ibm
|
i
|
Db2 for IBM i 7.2, 7.3, 7.4, and 7.5 infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run …
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-22346
|
2024-09-21 05:15 |
2024-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2327
|
5.5 |
MEDIUM
Local
|
ibm
|
i_access_client_solutions
|
IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable to NT LAN Manager (NTLM) hash disclosure by an attacker modifying UNC capable paths within ACS config…
|
CWE-384
Session Fixation
|
CVE-2024-22318
|
2024-09-21 05:15 |
2024-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2328
|
9.8 |
CRITICAL
Network
man
|
d-tale
|
D-Tale is a visualizer for Pandas data structures. Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. Users should upgrad…
|
NVD-CWE-noinfo
|
CVE-2024-45595
|
2024-09-21 04:59 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2329
|
8.8 |
HIGH
Network
|
nixos
|
nix
|
Nix is a package manager for Linux and other Unix systems. A bug in Nix 2.24 prior to 2.24.6 allows a substituter or malicious user to craft a NAR that, when unpacked by Nix, causes Nix to write to a…
|
CWE-22
Path Traversal
|
CVE-2024-45593
|
2024-09-21 04:57 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2330
|
6.1 |
MEDIUM
Network
|
damienharper
|
auditor-bundle
|
auditor-bundle, formerly known as DoctrineAuditBundle, integrates auditor library into any Symfony 3.4+ application. Prior to version 5.2.6, there is an unescaped entity property enabling Javascript …
|
CWE-79
Cross-site Scripting
|
CVE-2024-45592
|
2024-09-21 04:57 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|