|
2321
|
8.8 |
HIGH
Network
|
rudrainnovative
|
training_-_courses
|
Unrestricted Upload of File with Dangerous Type vulnerability in Rudra Innnovative Software Training – Courses allows Upload a Web Shell to a Web Server.This issue affects Training – Courses: from n/…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-50529
|
2024-11-7 02:04 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2322
|
9.8 |
CRITICAL
Network
dfactory
|
responsive_lightbox
|
Missing Authorization vulnerability in dFactory Responsive Lightbox allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Responsive Lightbox: from n/a through 2.4.7.
|
CWE-862
Missing Authorization
|
CVE-2024-43924
|
2024-11-7 02:03 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2323
|
8.8 |
HIGH
Network
|
myriadsolutionz
|
stars_smtp_mailer
|
Unrestricted Upload of File with Dangerous Type vulnerability in Myriad Solutionz Stars SMTP Mailer allows Upload a Web Shell to a Web Server.This issue affects Stars SMTP Mailer: from n/a through 1.…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-50530
|
2024-11-7 02:02 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2324
|
6.5 |
MEDIUM
Network
|
sonatype
|
nexus
|
Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database (…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-5764
|
2024-11-7 01:41 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2325
|
7.2 |
HIGH
Network
|
wuzhicms
|
wuzhicms
|
A vulnerability was found in wuzhicms 4.1.0. It has been classified as critical. Affected is the function add/edit of the file www/coreframe/app/content/admin/block.php. The manipulation leads to cod…
|
CWE-94
Code Injection
|
CVE-2024-10505
|
2024-11-7 01:38 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2326
|
- |
|
-
|
-
|
Generation of weak and predictable Initialization Vector (IV) in PMFW (Power Management Firmware) may allow an attacker with privileges to reuse IV values to reverse-engineer debug data, potentially …
|
-
|
CVE-2023-31305
|
2024-11-7 01:35 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2327
|
4.8 |
MEDIUM
Network
|
adtran
|
netvanta_3120_firmware
|
Multiple stored cross-site scripting (XSS) vulnerabilities on AdTran NetVanta 3120 18.01.01.00.E devices allow remote attackers to inject arbitrary JavaScript, as demonstrated by /mainPassword.html, …
|
CWE-79
Cross-site Scripting
|
CVE-2024-31971
|
2024-11-7 01:35 |
2024-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2328
|
- |
|
-
|
-
|
A maliciously crafted MODEL file, when parsed in atf_asm_interface.dll through Autodesk applications, can be used to cause a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerabil…
|
-
|
CVE-2024-23155
|
2024-11-7 01:35 |
2024-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2329
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
Input: cyapa - add missing input core locking to suspend/resume functions
Grab input->mutex during suspend/resume functions like …
|
-
|
CVE-2023-52884
|
2024-11-7 01:35 |
2024-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2330
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: stmmac: fix tc flower deletion for VLAN priority Rx steering
To replicate the issue:-
1) Add 1 flower filter for VLAN Prior…
|
CWE-476
NULL Pointer Dereference
|
CVE-2021-47592
|
2024-11-7 01:35 |
2024-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
