841
|
8.8 |
HIGH
Local
|
cisco
|
nx-os
|
A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underly…
Update
|
NVD-CWE-Other
|
CVE-2024-20285
|
2024-10-22 23:37 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
842
|
7.8 |
HIGH
Local
|
amd
|
ryzen_3_5100_firmware ryzen_3_5300g_firmware ryzen_3_5300ge_firmware ryzen_5_5500_firmware ryzen_5_5600g_firmware ryzen_5_5600ge_firmware ryzen_7_5700_firmware ryzen_7_5700g_firm…
|
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local access.
Update
|
CWE-269
Improper Privilege Management
|
CVE-2023-20563
|
2024-10-22 23:35 |
2023-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
843
|
4.8 |
MEDIUM
Network
|
phpgurukul
|
boat_booking_system
|
A vulnerability, which was classified as problematic, was found in PHPGurukul Boat Booking System 1.0. This affects an unknown part of the file /admin/book-details.php of the component Booking Detail…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-10191
|
2024-10-22 23:33 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
844
|
6.1 |
MEDIUM
Network
|
rockettheme
|
gantry
|
The Gantry 4 Framework plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'override_id' parameter in all versions up to, and including, 4.1.21 due to insufficient input sani…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9382
|
2024-10-22 23:31 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
845
|
9.8 |
CRITICAL
Network
oretnom23
|
sentiment_based_movie_rating_system
|
A vulnerability was found in SourceCodester Sentiment Based Movie Rating System 1.0. It has been classified as critical. Affected is an unknown function of the file /msrps/movie_details.php. The mani…
Update
|
CWE-89
SQL Injection
|
CVE-2024-10163
|
2024-10-22 23:28 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
846
|
6.1 |
MEDIUM
Network
|
parcelpro
|
parcel_pro
|
The Parcel Pro plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'action' parameter in all versions up to, and including, 1.8.4 due to insufficient input sanitization and o…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9383
|
2024-10-22 23:27 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
847
|
5.3 |
MEDIUM
Network
mintplexlabs
|
anythingllm
|
A JSON Injection vulnerability exists in the `mintplex-labs/anything-llm` application, specifically within the username parameter during the login process at the `/api/request-token` endpoint. The vu…
Update
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2024-3102
|
2024-10-22 23:26 |
2024-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
848
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability, which was classified as critical, has been found in ESAFENET CDG 5. This issue affects the function actionAddEncryptPolicyGroup of the file /com/esafenet/servlet/policy/EncryptPolicy…
Update
|
CWE-89
SQL Injection
|
CVE-2024-10072
|
2024-10-22 23:20 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
849
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability classified as critical was found in ESAFENET CDG 5. This vulnerability affects the function actionUpdateEncryptPolicyEdit of the file /com/esafenet/servlet/policy/EncryptPolicyService…
Update
|
CWE-89
SQL Injection
|
CVE-2024-10071
|
2024-10-22 23:20 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
850
|
9.8 |
CRITICAL
Network
code-projects
|
pharmacy_management_system
|
A vulnerability, which was classified as critical, has been found in code-projects Pharmacy Management System 1.0. Affected by this issue is some unknown functionality of the file /manage_supplier.ph…
Update
|
CWE-89
SQL Injection
|
CVE-2024-10140
|
2024-10-22 23:19 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|