31
|
- |
|
-
|
-
|
A vulnerability classified as critical has been found in HFO4 shudong-share up to 2.4.7. This affects an unknown part of the file /includes/create_share.php of the component Share Handler. The manipu…
New
|
CWE-89
SQL Injection
|
CVE-2024-10129
|
2024-10-19 07:15 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
32
|
- |
|
-
|
-
|
A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been rated as problematic. Affected by this issue is some unknown functionality of the file td.js.gz. The manipulation leads…
New
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2024-10128
|
2024-10-19 06:15 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
33
|
- |
|
-
|
-
|
A vulnerability was found in Tenda AC8 16.03.34.06. It has been declared as critical. Affected by this vulnerability is the function compare_parentcontrol_time of the file /goform/saveParentControlIn…
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2024-10123
|
2024-10-19 05:15 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
34
|
7.2 |
HIGH
Network
|
hashicorp
|
vault
|
A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s privileges to Vault’s root policy. Fixed in Vault Community Edi…
Update
|
NVD-CWE-Other
|
CVE-2024-9180
|
2024-10-19 05:15 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
35
|
9.8 |
CRITICAL
Network
vmware cisco oracle siemens veritas
|
spring_framework cx_cloud_agent sd-wan_edge retail_xstore_point_of_service communications_cloud_native_core_security_edge_protection_proxy financial_services_analytical_applications_in…
|
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR…
Update
|
CWE-94
Code Injection
|
CVE-2022-22965
|
2024-10-19 04:52 |
2022-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
36
|
- |
|
-
|
-
|
ACON is a widely-used library of tools for machine learning that focuses on adaptive correlation optimization. A potential vulnerability has been identified in the input validation process, which cou…
New
|
CWE-20
Improper Input Validation
|
CVE-2024-49361
|
2024-10-19 04:15 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
37
|
- |
|
-
|
-
|
In J2eeFAST <=2.7, the backend function has unsafe filtering, which allows an attacker to trigger certain sensitive functions resulting in arbitrary code execution.
New
|
-
|
CVE-2024-45944
|
2024-10-19 04:15 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
38
|
- |
|
-
|
-
|
A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been classified as problematic. Affected is an unknown function of the file /InnerRepPlus.html of the component Operator Det…
New
|
CWE-549
Missing Password Field Masking
|
CVE-2024-10122
|
2024-10-19 04:15 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
39
|
- |
|
-
|
-
|
A vulnerability was found in wfh45678 Radar up to 1.0.8 and classified as critical. This issue affects some unknown processing of the component Interface Handler. The manipulation with the input /../…
New
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-10121
|
2024-10-19 04:15 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
40
|
- |
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-9884. Reason: This candidate is a reservation duplicate of CVE-2024-9884. Notes: All CVE users should reference CV…
New
|
-
|
CVE-2024-10115
|
2024-10-19 04:15 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|