181
|
9.8 |
CRITICAL
Network
acme.sh_project
|
acme.sh
|
acme.sh before 3.0.6 runs arbitrary commands from a remote server via eval, as exploited in the wild in June 2023.
Update
|
NVD-CWE-noinfo
|
CVE-2023-38198
|
2024-10-31 04:35 |
2023-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
182
|
- |
|
-
|
-
|
icecms <=3.4.7 has a File Upload vulnerability in FileUtils.java,uploadFile.
New
|
-
|
CVE-2024-48202
|
2024-10-31 04:15 |
2024-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
183
|
- |
|
-
|
-
|
phpgurukul Vehicle Record Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchinputdata parameter at /index.php.
New
|
-
|
CVE-2024-46531
|
2024-10-31 04:15 |
2024-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
184
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
riscv: fix race when vmap stack overflow
Currently, when detecting vmap stack overflow, riscv firstly switches
to the so called s…
Update
|
CWE-362
Race Condition
|
CVE-2022-49001
|
2024-10-31 03:58 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
185
|
6.1 |
MEDIUM
Network
|
butlerblog
|
wp-members
|
The WP-Members Membership Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, an…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9231
|
2024-10-31 03:56 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
186
|
7.5 |
HIGH
Network
esafenet
|
cdg
|
A vulnerability classified as problematic was found in ESAFENET CDG 5. Affected by this vulnerability is the function actionViewDecyptFile of the file /com/esafenet/servlet/client/DecryptApplicationS…
Update
|
CWE-22
Path Traversal
|
CVE-2024-10379
|
2024-10-31 03:54 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
187
|
8.8 |
HIGH
Adjacent
|
se
|
rmnf22tb30_firmware renf22r2mmw_firmware
|
CWE-287: Improper Authentication vulnerability exists that could cause unauthorized tampering
of device configuration over NFC communication.
Update
|
NVD-CWE-noinfo
|
CVE-2024-0568
|
2024-10-31 03:52 |
2024-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
188
|
7.3 |
HIGH
Network
|
redhat
|
build_of_keycloak jboss_enterprise_application_platform
|
A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. This flaw allows an attacker or insider to execute a deployment with a malicious …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-10234
|
2024-10-31 03:50 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
189
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Parsing a maliciously crafted file may lead to an unexpect…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2024-44284
|
2024-10-31 03:48 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
190
|
9.8 |
CRITICAL
Network
codezips
|
pet_shop_management_system
|
A vulnerability, which was classified as critical, has been found in Codezips Pet Shop Management System 1.0. This issue affects some unknown processing of the file /animalsupdate.php. The manipulati…
Update
|
CWE-89
SQL Injection
|
CVE-2024-10430
|
2024-10-31 03:48 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|