1131
|
6.5 |
MEDIUM
Network
|
zoom
|
zoom vdi_windows_meeting_clients meeting_software_development_kit
|
Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an authenticated user to conduct a disclosure of information via …
|
NVD-CWE-noinfo
|
CVE-2024-24696
|
2024-10-4 23:33 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1132
|
- |
|
-
|
-
|
The Eufy Homebase 2 before firmware version 3.3.4.1h creates a dedicated wireless network for its ecosystem, which serves as a proxy to the end user's primary network. The WPA2-PSK generation of this…
|
-
|
CVE-2023-37822
|
2024-10-4 23:15 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1133
|
4.4 |
MEDIUM
Local
|
fortinet
|
fortiproxy fortios
|
A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy ve…
|
CWE-916
Use of Password Hash With Insufficient Computational Effort
|
CVE-2024-21754
|
2024-10-4 23:13 |
2024-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1134
|
6.7 |
MEDIUM
Local
|
zoom
|
vdi_windows_meeting_clients rooms zoom meeting_sdk
|
Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to conduct an escalation of privilege via local access.
|
CWE-426
Untrusted Search Path
|
CVE-2024-24697
|
2024-10-4 23:08 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1135
|
- |
|
-
|
-
|
Scriptcase v9.10.023 and before is vulnerable to Remote Code Execution (RCE) via the nm_zip function.
|
-
|
CVE-2024-46080
|
2024-10-4 22:51 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1136
|
- |
|
-
|
-
|
A vulnerability classified as problematic has been found in OFCMS 1.1.2. This affects the function add of the file /admin/system/dict/add.json?sqlid=system.dict.save. The manipulation of the argument…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9411
|
2024-10-4 22:51 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1137
|
6.5 |
MEDIUM
Local
|
-
|
-
|
A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may …
|
CWE-457
Use of Uninitialized Variable
|
CVE-2024-9355
|
2024-10-4 22:51 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1138
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw a…
|
CWE-59
Link Following
|
CVE-2024-9341
|
2024-10-4 22:51 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1139
|
- |
|
-
|
-
|
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting (XSS). An authenticated user can craft malicious payloads using the messages feature, which allows the injection of malicious cod…
|
-
|
CVE-2024-46083
|
2024-10-4 22:51 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1140
|
- |
|
-
|
-
|
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting (XSS). An authenticated user can craft malicious payloads in the To-Do List. The assigned user will trigger a stored XSS, which i…
|
-
|
CVE-2024-46081
|
2024-10-4 22:51 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|