|
981
|
- |
|
-
|
-
|
CMS Made Simple Version 2.2.19 is vulnerable to Cross Site Scripting (XSS). This vulnerability resides in the File Manager module of the admin panel. Specifically, the issue arises due to inadequate …
Update
|
-
|
CVE-2024-27625
|
2024-11-13 03:35 |
2024-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
982
|
- |
|
-
|
-
|
A reflected Cross-Site Scripting (XSS) vulnerability in FUEL CMS 1.5.2allows attackers to run arbitrary code via crafted string after the group_id parameter.
Update
|
-
|
CVE-2024-25369
|
2024-11-13 03:35 |
2024-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
983
|
- |
|
-
|
-
|
Tenda AC10V4.0 V16.03.10.20 was discovered to contain a stack overflow via the page parameter in the sub_49B384 function.
Update
|
-
|
CVE-2024-25373
|
2024-11-13 03:35 |
2024-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
984
|
4.7 |
MEDIUM
Local
|
-
|
-
|
A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrar…
Update
|
CWE-20
Improper Input Validation
|
CVE-2024-9407
|
2024-11-13 03:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
985
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw a…
Update
|
CWE-59
Link Following
|
CVE-2024-9341
|
2024-11-13 03:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
986
|
4.4 |
MEDIUM
Local
|
-
|
-
|
A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which …
Update
|
CWE-59
Link Following
|
CVE-2024-45770
|
2024-11-13 03:15 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
987
|
5.5 |
MEDIUM
Local
|
-
|
-
|
A vulnerability was found in Performance Co-Pilot (PCP). This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash.
Update
|
-
|
CVE-2024-45769
|
2024-11-13 03:15 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
988
|
6.7 |
MEDIUM
Local
|
gnu
redhat
|
nano
enterprise_linux
|
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the pe…
Update
|
CWE-59
Link Following
|
CVE-2024-5742
|
2024-11-13 03:15 |
2024-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
989
|
- |
|
-
|
-
|
A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA…
Update
|
CWE-208
Information Exposure Through Timing Discrepancy
|
CVE-2024-2236
|
2024-11-13 03:15 |
2024-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
990
|
5.3 |
MEDIUM
Network
latchset
redhat
fedoraproject
|
jwcrypto
enterprise_linux
enterprise_linux_for_power_little_endian
enterprise_linux_for_ibm_z_systems
fedora
enterprise_linux_for_arm_64
|
A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service (DoS) attack and possible password brute-force and dictionary attacks to be more resource-intensive. T…
Update
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2023-6681
|
2024-11-13 03:15 |
2024-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
