521
|
- |
|
-
|
-
|
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.2.4 and all prior versions, the ZimaOS API endpoint `http://<Zima_Server_IP:PORT>/v3/file?t…
|
-
|
CVE-2024-48931
|
2024-10-25 21:56 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
522
|
- |
|
-
|
-
|
A segmentation fault (SEGV) was detected in the Assimp::SplitLargeMeshesProcess_Triangle::UpdateNode function within the Assimp library during fuzz testing using AddressSanitizer. The crash occurs du…
|
-
|
CVE-2024-48425
|
2024-10-25 21:56 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
523
|
- |
|
-
|
-
|
A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp library, specifically during the processing of OpenGEX files.
|
-
|
CVE-2024-48424
|
2024-10-25 21:56 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
524
|
- |
|
-
|
-
|
An issue in assimp v.5.4.3 allows a local attacker to execute arbitrary code via the CallbackToLogRedirector function within the Assimp library.
|
-
|
CVE-2024-48423
|
2024-10-25 21:56 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
525
|
- |
|
-
|
-
|
pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd() function of the ls.c file.
|
-
|
CVE-2024-48208
|
2024-10-25 21:56 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
526
|
- |
|
-
|
-
|
The OpenRefine fork of the MIT Simile Butterfly server is a modular web application framework. The Butterfly framework uses the `java.net.URL` class to refer to (what are expected to be) local resour…
|
CWE-918 CWE-36
Server-Side Request Forgery (SSRF) Absolute Path Traversal
|
CVE-2024-47883
|
2024-10-25 21:56 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
527
|
- |
|
-
|
-
|
OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the built-in "Something went wrong!" error page includes the exception message and exception traceback with…
|
CWE-79 CWE-81
Cross-site Scripting
|
CVE-2024-47882
|
2024-10-25 21:56 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
528
|
- |
|
-
|
-
|
OpenRefine is a free, open source tool for working with messy data. Starting in version 3.4-beta and prior to version 3.8.3, in the `database` extension, the "enable_load_extension" property can be s…
|
CWE-89
SQL Injection
|
CVE-2024-47881
|
2024-10-25 21:56 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
529
|
- |
|
-
|
-
|
OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the `export-rows` command can be used in such a way that it reflects part of the request verbatim, with a C…
|
CWE-79 CWE-348
Cross-site Scripting Use of Less Trusted Source
|
CVE-2024-47880
|
2024-10-25 21:56 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
530
|
- |
|
-
|
-
|
OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, lack of cross-site request forgery protection on the `preview-expression` command means that visiting a mal…
|
CWE-352 CWE-94
Origin Validation Error Code Injection
|
CVE-2024-47879
|
2024-10-25 21:56 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|