81 | - | | - | - | RDS Light is a simplified version of the Reflective Dialogue System (RDS), a self-reflecting AI framework. Versions prior to 1.1.0 contain a vulnerability that involves a lack of input validation wit… | New | CWE-20 Improper Input Validation, CWE-74 Injection | CVE-2024-48918 | 2024-10-17 06:15 | 2024-10-17
82 | - | | - | - | Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the… | New | CWE-1333 Inefficient Regular Expression Complexity | CVE-2024-47889 | 2024-10-17 06:15 | 2024-10-17
83 | - | | - | - | Action Text brings rich text content and editing to Rails. Starting in version 6.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability in the `plai… | New | - | CVE-2024-47888 | 2024-10-17 06:15 | 2024-10-17
84 | - | | - | - | Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability… | New | CWE-1333 Inefficient Regular Expression Complexity | CVE-2024-47887 | 2024-10-17 06:15 | 2024-10-17
85 | 4.3 | MEDIUM Network | sap | fiori | The SAP Fiori app (My Overtime Request) - version 605, does not perform the necessary authorization checks for an authenticated user which may result in an escalation of privileges. It is possible to… | Update | CWE-862 Missing Authorization | CVE-2024-25643 | 2024-10-17 06:15 | 2024-02-13
86 | 4.8 | MEDIUM Network | esri | portal_for_arcgis | There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.8.1 – 11.1 that may allow a remote, authenticated attacker to create a crafted link that is… | Update | CWE-79 Cross-site Scripting | CVE-2024-25702 | 2024-10-17 06:03 | 2024-10-5
87 | 4.8 | MEDIUM Network | esri | portal_for_arcgis | There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Experience Builder versions 10.8.1 – 11.1 that may allow a remote, authenticated attacker to create a crafted… | Update | CWE-79 Cross-site Scripting | CVE-2024-25701 | 2024-10-17 06:00 | 2024-10-5
88 | 4.8 | MEDIUM Network | esri | portal_for_arcgis | There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise versions 10.8.1 – 10.9.1 that may allow a remote, authenticated attacker to create a crafted link that is sto… | Update | CWE-79 Cross-site Scripting | CVE-2024-25694 | 2024-10-17 06:00 | 2024-10-5
89 | - | | - | - | An issue in Creative Labs Pte Ltd com.creative.apps.xficonnect 2.00.02 allows a remote attacker to obtain sensitive information via the firmware update process. | New | - | CVE-2024-48795 | 2024-10-17 05:35 | 2024-10-15
90 | - | | - | - | An issue was discovered in versions of Warp Terminal prior to 2024.07.18 (v0.2024.07.16.08.02). A command injection vulnerability exists in the Docker integration functionality. An attacker can create… | New | - | CVE-2024-41997 | 2024-10-17 05:35 | 2024-10-15