|
991
|
- |
|
-
|
-
|
A buffer overflow in the ngap_amf_handle_pdu_session_resource_setup_response function of oai-cn5g-amf up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a PDU Session Resource Setup…
Update
|
-
|
CVE-2024-24447
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
992
|
- |
|
-
|
-
|
A vulnerability was found in erzhongxmu Jeewms up to 20241108. It has been rated as critical. This issue affects some unknown processing of the file cgReportController.do of the component AuthInterce…
Update
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2024-11251
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
993
|
- |
|
-
|
-
|
A vulnerability was found in code-projects Inventory Management up to 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /model/editProduct.php. The manipulati…
Update
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2024-11250
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
994
|
- |
|
-
|
-
|
Budget Control Gateway acts as an entry point for incoming requests and routes them to the appropriate microservices for Budget Control. Budget Control Gateway does not properly validate auth tokens,…
Update
|
CWE-285
Improper Authorization
|
CVE-2024-52528
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
995
|
- |
|
-
|
-
|
Nextcloud Server is a self hosted personal cloud system. Under certain conditions the password of a user was stored unencrypted in the session data. The session data is encrypted before being saved i…
Update
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-52525
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
996
|
- |
|
-
|
-
|
Nextcloud Server is a self hosted personal cloud system. After setting up a user or administrator defined external storage with fixed credentials, the API returns them and adds them into the frontend…
Update
|
CWE-200
Information Exposure
|
CVE-2024-52523
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
997
|
- |
|
-
|
-
|
Nextcloud Server is a self hosted personal cloud system. MD5 hashes were used to check background jobs for their uniqueness. This increased the chances of a background job with arguments falsely bein…
Update
|
CWE-328
Use of Weak Hash
|
CVE-2024-52521
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
998
|
- |
|
-
|
-
|
Nextcloud Server is a self hosted personal cloud system. Due to a pre-flighted HEAD request, the link reference provider could be tricked into downloading bigger websites than intended, to find open-…
Update
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-52520
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
999
|
- |
|
-
|
-
|
Nextcloud Server is a self hosted personal cloud system. The OAuth2 client secrets were stored in a recoverable way, so that an attacker that got access to a backup of the database and the Nextcloud …
Update
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2024-52519
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1000
|
- |
|
-
|
-
|
Nextcloud Server is a self hosted personal cloud system. After an attacker got access to the session of a user or administrator, the attacker would be able to create, change or delete external storag…
Update
|
CWE-287
Improper Authentication
|
CVE-2024-52518
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
