|
2201
|
7.5 |
HIGH
Network
dericia
|
delicia
|
An issue found in DERICIA Co. Ltd, DELICIA v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp DELICIA function.
|
NVD-CWE-noinfo
|
CVE-2023-31824
|
2024-10-31 05:35 |
2023-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2202
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix a race condition between btf_put() and map_free()
When running `./test_progs -j` in my local vm with latest kernel,
I on…
|
CWE-416
Use After Free
|
CVE-2023-52446
|
2024-10-31 05:35 |
2024-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2203
|
4.1 |
MEDIUM
Network
|
solarwinds
|
serv-u
|
Application is vulnerable to Cross Site Scripting (XSS) an authenticated attacker with users’ permissions can modify a variable with a payload.
|
CWE-79
Cross-site Scripting
|
CVE-2024-45714
|
2024-10-31 05:33 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2204
|
4.9 |
MEDIUM
Network
|
topdata
|
inner_rep_plus
|
A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been rated as problematic. Affected by this issue is some unknown functionality of the file td.js.gz. The manipulation leads…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2024-10128
|
2024-10-31 05:31 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2205
|
6.1 |
MEDIUM
Network
|
sunburntkamel
|
disconnected
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in sunburntkamel disconnected allows Reflected XSS.This issue affects disconnected: from n/a …
|
CWE-79
Cross-site Scripting
|
CVE-2024-49268
|
2024-10-31 05:30 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2206
|
5.4 |
MEDIUM
Network
|
booking
|
banner_creator
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Partnerships at Booking.Com Booking.Com Banner Creator allows Stored XSS.This issue affect…
|
CWE-79
Cross-site Scripting
|
CVE-2024-49265
|
2024-10-31 05:29 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2207
|
9.8 |
CRITICAL
Network
riskengine
|
radar
|
A vulnerability has been found in wfh45678 Radar up to 1.0.8 and classified as critical. This vulnerability affects unknown code of the file /services/v1/common/upload. The manipulation of the argume…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-10120
|
2024-10-31 05:20 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2208
|
7.8 |
HIGH
Local
|
lakesidesoftware
|
systrack_lsiagent
|
Lakeside Software’s SysTrack LsiAgent Installer version 10.7.8 for Windows contains a local privilege escalation vulnerability which allows attackers SYSTEM level access.
|
NVD-CWE-Other
|
CVE-2023-6080
|
2024-10-31 05:12 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2209
|
- |
|
-
|
-
|
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious application may be able to modify protected parts of the file system.
|
-
|
CVE-2024-44301
|
2024-10-31 04:35 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2210
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious application may be able to modify protected parts of the file system.
|
NVD-CWE-noinfo
|
CVE-2024-44287
|
2024-10-31 04:35 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
