551
|
5.5 |
MEDIUM
Local
|
ziparchive_project
|
ziparchive
|
An unhandled edge case in the component _sanitizedPath of ZipArchive v2.5.4 allows attackers to cause a Denial of Service (DoS) via a crafted zip file.
Update
|
NVD-CWE-noinfo
|
CVE-2023-39136
|
2024-10-2 06:35 |
2023-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
552
|
4.7 |
MEDIUM
Local
|
-
|
-
|
A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrar…
New
|
CWE-20
Improper Input Validation
|
CVE-2024-9407
|
2024-10-2 06:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
553
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Device Dependencies" feature allows authenticated users to inject…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-47527
|
2024-10-2 06:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
554
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Self Cross-Site Scripting (Self-XSS) vulnerability in the "Alert Templates" feature allows users to inject arbitrary Java…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-47526
|
2024-10-2 06:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
555
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Alert Rules" feature allows authenticated users to inject arbitra…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-47525
|
2024-10-2 06:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
556
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can create a Device Groups, the application did not properly sanitize the user input in the Device Gro…
New
|
-
|
CVE-2024-47524
|
2024-10-2 06:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
557
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Alert Transports" feature allows authenticated users to inject ar…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-47523
|
2024-10-2 06:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
558
|
6.5 |
MEDIUM
Network
|
apache
|
druid
|
Apache Druid allows users with certain permissions to read data from other database systems using JDBC. This functionality allows trusted users to set up Druid lookups or run ingestion tasks. Druid a…
Update
|
NVD-CWE-noinfo
|
CVE-2024-45537
|
2024-10-2 05:41 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
559
|
4.9 |
MEDIUM
Network
|
formtools
|
form_tools
|
A vulnerability, which was classified as problematic, has been found in formtools.org Form Tools 3.1.1. This issue affects some unknown processing of the file /admin/settings/index.php?page=accounts …
Update
|
CWE-94
Code Injection
|
CVE-2024-6936
|
2024-10-2 05:37 |
2024-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
560
|
- |
|
-
|
-
|
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting (XSS). An authenticated user can craft malicious payloads using the messages feature, which allows the injection of malicious cod…
New
|
-
|
CVE-2024-46083
|
2024-10-2 05:35 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|