2471
|
4.3 |
MEDIUM
Physics
|
redhat opensc_project
|
enterprise_linux opensc
|
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially craft…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-45619
|
2024-09-24 08:26 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2472
|
7.2 |
HIGH
Network
|
acquia
|
mautic
|
Prior to the patched version, logged in users of Mautic are vulnerable to an SQL injection vulnerability in the Reports bundle.
The user could retrieve and alter data like sensitive data, login, and…
|
CWE-89
SQL Injection
|
CVE-2022-25775
|
2024-09-24 08:22 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2473
|
5.4 |
MEDIUM
Network
|
acquia
|
mautic
|
Prior to the patched version, logged in users of Mautic are vulnerable to a self XSS vulnerability in the notifications within Mautic.
Users could inject malicious code into the notification when sa…
|
CWE-79
Cross-site Scripting
|
CVE-2022-25774
|
2024-09-24 08:21 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2474
|
4.8 |
MEDIUM
Network
|
concretecms
|
concrete_cms
|
Concrete CMS versions 9.0.0 through 9.3.3 are affected by a
stored XSS vulnerability in the "Top Navigator Bar" block.
Since the "Top Navigator Bar" output was not sufficiently sanitized, a rogue adm…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8660
|
2024-09-24 08:00 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2475
|
5.5 |
MEDIUM
Local
|
apple
|
visionos
|
The issue was addressed with improved handling of caches. This issue is fixed in visionOS 2. An app may be able to read sensitive data from the GPU memory.
|
NVD-CWE-noinfo
|
CVE-2024-40790
|
2024-09-24 07:55 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2476
|
4.8 |
MEDIUM
Network
|
ingenico
|
estate_management
|
A vulnerability, which was classified as problematic, has been found in Ingenico Estate Manager 2023. This issue affects some unknown processing of the file /emgui/rest/ums/messages of the component …
|
CWE-79
Cross-site Scripting
|
CVE-2024-6059
|
2024-09-24 07:44 |
2024-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2477
|
6.1 |
MEDIUM
Network
|
labvantage
|
laboratory_information_management_system
|
A vulnerability classified as problematic has been found in LabVantage LIMS 2017. This affects an unknown part of the file /labvantage/rc?command=page&page=SampleHistoricalList&_iframename=list&__crc…
|
CWE-79
Cross-site Scripting
|
CVE-2024-6058
|
2024-09-24 07:40 |
2024-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2478
|
7.5 |
HIGH
Network
kubeflow
|
kubeflow
|
kubeflow/kubeflow is vulnerable to a Regular Expression Denial of Service (ReDoS) attack due to inefficient regular expression complexity in its email validation mechanism. An attacker can remotely e…
|
CWE-1333
Inefficient Regular Expression Complexity
|
CVE-2024-5552
|
2024-09-24 07:31 |
2024-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2479
|
7.5 |
HIGH
Network
dlink
|
dir-619l_firmware
|
D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formLanguageChange function.
|
CWE-787
Out-of-bounds Write
|
CVE-2023-43862
|
2024-09-24 06:35 |
2023-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2480
|
8.8 |
HIGH
Network
|
phpkobo
|
ajaxnewsticker
|
An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter.
|
CWE-94
Code Injection
|
CVE-2023-41450
|
2024-09-24 06:35 |
2023-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|