1061
|
6.5 |
MEDIUM
Network
|
salesagility
|
suitecrm
|
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Poor input validation in export allows authenticated user do a SQL injection attack. User-con…
|
CWE-89
SQL Injection
|
CVE-2024-49773
|
2024-11-14 05:29 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1062
|
8.1 |
HIGH
Network
|
zohocorp
|
manageengine_sharepoint_manager_plus
|
Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to authenticated XML External Entity (XXE) in the Management option.
|
CWE-611
XXE
|
CVE-2024-10839
|
2024-11-14 05:19 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1063
|
8.8 |
HIGH
Network
|
salesagility
|
suitecrm
|
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In SuiteCRM versions 7.14.4, poor input validation allows authenticated user do a SQL injecti…
|
CWE-89
SQL Injection
|
CVE-2024-49772
|
2024-11-14 05:19 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1064
|
7.8 |
HIGH
Local
|
-
|
-
|
A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payloa…
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2024-9632
|
2024-11-14 05:15 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1065
|
8.8 |
HIGH
Network
|
salesagility
|
suitecrm
|
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. User input is not validated and is written to the filesystem. The ParserLabel::addLabels() fu…
|
NVD-CWE-noinfo
|
CVE-2024-50333
|
2024-11-14 05:10 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1066
|
5.4 |
MEDIUM
Network
|
brainstormforce
|
elementor_header_\&_footer_builder
|
The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.6.45 due to insufficient …
|
CWE-79
Cross-site Scripting
|
CVE-2024-10325
|
2024-11-14 05:01 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1067
|
7.5 |
HIGH
Network
talyssonoc
|
commonregexjs
|
CommonRegexJS is a CommonRegex port for JavaScript. All available versions contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of p…
|
CWE-1333
Inefficient Regular Expression Complexity
|
CVE-2020-26305
|
2024-11-14 05:00 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1068
|
7.2 |
HIGH
Network
|
siemens
|
ruggedcom_rm1224_lte\(4g\)_eu_firmware ruggedcom_rm1224_lte\(4g\)_nam_firmware scalance_m804pb_firmware scalance_m812-1_\(annex_a\)_firmware scalance_m812-1_\(annex_b\)_firmware scalan…
|
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB…
|
CWE-77
Command Injection
|
CVE-2024-50572
|
2024-11-14 04:59 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1069
|
7.5 |
HIGH
Network
foundation
|
foundation
|
Foundation is a front-end framework. Versions 6.3.3 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, i…
|
CWE-1333
Inefficient Regular Expression Complexity
|
CVE-2020-26304
|
2024-11-14 04:58 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1070
|
6.1 |
MEDIUM
Network
|
siemens
|
ruggedcom_rm1224_lte\(4g\)_eu_firmware ruggedcom_rm1224_lte\(4g\)_nam_firmware scalance_m804pb_firmware scalance_m812-1_\(annex_a\)_firmware scalance_m812-1_\(annex_b\)_firmware scalan…
|
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB…
|
CWE-79
Cross-site Scripting
|
CVE-2024-50561
|
2024-11-14 04:57 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|