|
711
|
4.3 |
MEDIUM
Network
|
hitachienergy
|
microscada_x_sys600
|
An HTTP parameter may contain a URL value and could cause
the web application to redirect the request to the specified URL.
By modifying the URL value to a malicious site, an attacker may
successfull…
Update
|
CWE-601
Open Redirect
|
CVE-2024-7941
|
2024-10-31 00:29 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
712
|
- |
|
-
|
-
|
Incorrect Authorization vulnerability in Wpsoul Greenshift – animation and page builder blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Greenshift – …
New
|
-
|
CVE-2024-50419
|
2024-10-31 00:15 |
2024-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
713
|
- |
|
-
|
-
|
A denial of service may be caused to a single peripheral device in a BLE network when multiple central
devices continuously connect and disconnect to the peripheral. A hard reset is required to reco…
Update
|
-
|
CVE-2024-6657
|
2024-10-31 00:15 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
714
|
4.6 |
MEDIUM
Network
|
dell
|
e-lab_navigator
|
Dell Mobility - E-Lab Navigator, version(s) 3.1.9, 3.2.0, contain(s) an Authorization Bypass Through User-Controlled Key vulnerability. An unauthenticated attacker with local access could potentially…
Update
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-22455
|
2024-10-31 00:15 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
715
|
7.2 |
HIGH
Network
|
anujkumar
|
medical_card_generation_system
|
A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/card-bwdate…
Update
|
CWE-89
SQL Injection
|
CVE-2024-10296
|
2024-10-31 00:13 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
716
|
7.5 |
HIGH
Network
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
tcp: fix mptcp DSS corruption due to large pmtu xmit
Syzkaller was able to trigger a DSS corruption:
TCP: request_sock_subflow…
Update
|
NVD-CWE-noinfo
|
CVE-2024-50083
|
2024-10-31 00:07 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
717
|
7.5 |
HIGH
Network
zzcms
|
zzcms
|
A vulnerability, which was classified as problematic, was found in ZZCMS 2023. This affects an unknown part of the file 3/qq-connect2.0/API/com/inc.php. The manipulation leads to information disclosu…
Update
|
NVD-CWE-noinfo
|
CVE-2024-10290
|
2024-10-31 00:06 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
718
|
8.8 |
HIGH
Network
|
liferay
|
digital_experience_platform
liferay_portal
|
Cross-site request forgery (CSRF) vulnerability in the My Account widget in Liferay Portal 7.4.3.75 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 up…
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-26271
|
2024-10-31 00:04 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
719
|
8.8 |
HIGH
Network
|
liferay
|
digital_experience_platform
liferay_portal
|
Cross-site request forgery (CSRF) vulnerability in the content page editor in Liferay Portal 7.4.0 through 7.4.3.103, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA …
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-26273
|
2024-10-31 00:03 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
720
|
8.8 |
HIGH
Network
|
liferay
|
digital_experience_platform
liferay_portal
|
Cross-site request forgery (CSRF) vulnerability in the content page editor in Liferay Portal 7.3.2 through 7.4.3.107, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA …
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-26272
|
2024-10-31 00:03 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
