|
931
|
5.3 |
MEDIUM
Local
|
-
|
-
|
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Core). Supported versions that are affected are 8.5.6 and 8.5.7. Easily exploitable vuln…
Update
|
-
|
CVE-2024-21120
|
2024-10-31 22:35 |
2024-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
932
|
- |
|
-
|
-
|
Exposure of sensitive data by by crafting a malicious EventFactory and providing a custom ExchangeCreatedEvent that exposes sensitive data. Vulnerability in Apache Camel.This issue affects Apache Cam…
Update
|
-
|
CVE-2024-22371
|
2024-10-31 22:35 |
2024-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
933
|
3.3 |
LOW
Local
|
mongodb
|
mongo_crypt_v1.so
mongocryptd
|
A bug in query analysis of certain complex self-referential $lookup subpipelines may result in literal values in expressions for encrypted fields to be sent to the server as plaintext instead of ciph…
Update
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2024-8013
|
2024-10-31 22:33 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
934
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/sched: sch_ets: don't remove idle classes from the round-robin list
Shuang reported that the following script:
1) tc qdisc …
Update
|
NVD-CWE-noinfo
|
CVE-2021-47595
|
2024-10-31 22:27 |
2024-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
935
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mptcp: never allow the PM to close a listener subflow
Currently, when deleting an endpoint the netlink PM treverses
all the local…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2021-47594
|
2024-10-31 22:25 |
2024-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
936
|
8.8 |
HIGH
Network
|
priyabratasarkar
|
token_login
|
Authentication Bypass Using an Alternate Path or Channel vulnerability in Priyabrata Sarkar Token Login allows Authentication Bypass.This issue affects Token Login: from n/a through 1.0.3.
Update
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-50488
|
2024-10-31 22:19 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
937
|
9.8 |
CRITICAL
Network
tareqhasan
|
meetup
|
Authorization Bypass Through User-Controlled Key vulnerability in Meetup allows Privilege Escalation.This issue affects Meetup: from n/a through 0.1.
Update
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-50483
|
2024-10-31 22:12 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
938
|
9.8 |
CRITICAL
Network
mansurahamed
|
woocommerce_quote_calculator
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mansur Ahamed Woocommerce Quote Calculator allows Blind SQL Injection.This issue affects Woocomme…
Update
|
CWE-89
SQL Injection
|
CVE-2024-50479
|
2024-10-31 22:02 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
939
|
9.8 |
CRITICAL
Network
codezips
|
hospital_appointment_system
|
A vulnerability, which was classified as critical, was found in Codezips Hospital Appointment System 1.0. This affects an unknown part of the file /loginAction.php. The manipulation of the argument U…
Update
|
CWE-89
SQL Injection
|
CVE-2024-10449
|
2024-10-31 21:47 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
940
|
9.8 |
CRITICAL
Network
pymumu
|
smartdns
|
SmartDNS through 41 before 56d0332 allows an out-of-bounds write because of a stack-based buffer overflow in the _dns_encode_domain function in the dns.c file, via a crafted DNS request.
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2023-31470
|
2024-10-31 21:47 |
2023-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
