| 131 | - | | - | - | Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" lea… | New | - | CVE-2024-47187 | 2024-10-17 04:15 | 2024-10-17 |
| 132 | - | | - | - | LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Prior to version 0.5.49, unbounded processing of HTTP request and response headers can lead to excessive CPU t… | New | CWE-770 Allocation of Resources Without Limits or Throttling | CVE-2024-45797 | 2024-10-17 04:15 | 2024-10-17 |
| 133 | - | | - | - | Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, a logic error during fragment reassembly can lead to fail… | New | CWE-193 Off-by-one Error | CVE-2024-45796 | 2024-10-17 04:15 | 2024-10-17 |
| 134 | - | | - | - | Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, rules using datasets with the non-functional / unimplemen… | New | CWE-617 Reachable Assertion | CVE-2024-45795 | 2024-10-17 04:15 | 2024-10-17 |
| 135 | 8.2 | HIGH Network | cacti | cacti | Cacti is an open source performance and fault management framework. The `consolenewsection` parameter is not properly sanitized when saving external links in links.php. Moreover, the said consolenewse… | Update | CWE-79 Cross-site Scripting | CVE-2024-43365 | 2024-10-17 04:15 | 2024-10-8 |
| 136 | 8.8 | HIGH Network | phpoffice | phpspreadsheet | PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. It's possible for an attacker to construct an XLSX file that links images from arbitrary paths. When embedding images h… | Update | CWE-22 Path Traversal; CWE-918 Server-Side Request Forgery (SSRF) | CVE-2024-45291 | 2024-10-17 04:09 | 2024-10-8 |
| 137 | 5.3 | MEDIUM Network | php-fpm | php-fpm | In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, erroneous parsing of multipart form data contained in an HTTP POST request could lead to legitimate data not being proce… | Update | NVD-CWE-noinfo | CVE-2024-8925 | 2024-10-17 03:53 | 2024-10-8 |
| 138 | - | | - | - | SQL Injection vulnerability in OpenHIS v.1.0 allows an attacker to execute arbitrary code via the refund function in the PayController.class.php component. | Update | - | CVE-2024-46532 | 2024-10-17 03:35 | 2024-10-12 |
| 139 | 8.8 | HIGH Network | php-fpm | php-fpm | In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, when using certain non-standard configurations of Windows codepages, the fixes for CVE-2024-4577 https://github.com/a… | Update | CWE-78 OS Command | CVE-2024-8926 | 2024-10-17 03:35 | 2024-10-8 |
| 140 | 3.3 | LOW Local | php-fpm | php-fpm | In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, when using PHP-FPM SAPI and it is configured to catch workers output through catch_workers_output = yes, it may be possi… | Update | NVD-CWE-Other | CVE-2024-9026 | 2024-10-17 03:30 | 2024-10-8 |