|
1701
|
8.1 |
HIGH
Network
|
ampache
|
ampache
|
Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens when activating or deactivating catalog. …
|
CWE-352
Origin Validation Error
|
CVE-2024-51487
|
2024-11-15 04:37 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1702
|
9.8 |
CRITICAL
Network
mikexstudios
|
xcomic
|
A vulnerability classified as critical has been found in mikexstudios Xcomic up to 0.8.2. This affects an unknown part. The manipulation of the argument cmd leads to os command injection. It is possi…
|
CWE-78
OS Command
|
CVE-2005-10003
|
2024-11-15 04:35 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1703
|
- |
|
-
|
-
|
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. An app may be able to access user-sensitive data.
|
-
|
CVE-2023-42840
|
2024-11-15 04:35 |
2024-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1704
|
5.5 |
MEDIUM
Local
|
gpac
|
gpac
|
GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the BM_ParseIndexValueReplace function at /lib/libgpac.so.
|
NVD-CWE-noinfo
|
CVE-2023-37767
|
2024-11-15 04:35 |
2023-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1705
|
5.3 |
MEDIUM
Network
jetbrains
|
ktor
|
In JetBrains Ktor before 3.0.0 improper caching in HttpCache Plugin could lead to response information disclosure
|
NVD-CWE-Other
|
CVE-2024-49580
|
2024-11-15 04:25 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1706
|
6.1 |
MEDIUM
Network
|
jetbrains
|
youtrack
|
In JetBrains YouTrack before 2024.3.47197 insecure plugin iframe allowed arbitrary JavaScript execution and unauthorized API requests
|
NVD-CWE-Other
|
CVE-2024-49579
|
2024-11-15 04:24 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1707
|
9.8 |
CRITICAL
Network
ninjateam
|
multi_step_for_contact_form_7
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NinjaTeam Multi Step for Contact Form allows SQL Injection.This issue affects Multi Step for Cont…
|
CWE-89
SQL Injection
|
CVE-2024-47331
|
2024-11-15 04:22 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1708
|
9.8 |
CRITICAL
Network
anisha
|
job_recruitment
|
A vulnerability, which was classified as critical, has been found in code-projects Job Recruitment 1.0. This issue affects some unknown processing of the file /activation.php. The manipulation of the…
|
CWE-89
SQL Injection
|
CVE-2024-11076
|
2024-11-15 04:14 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1709
|
5.5 |
MEDIUM
Local
|
adobe
|
after_effects
|
After Effects versions 23.6.9, 24.6.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability …
|
CWE-125
Out-of-bounds Read
|
CVE-2024-47446
|
2024-11-15 04:10 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1710
|
5.5 |
MEDIUM
Local
|
adobe
|
after_effects
|
After Effects versions 23.6.9, 24.6.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability …
|
CWE-125
Out-of-bounds Read
|
CVE-2024-47445
|
2024-11-15 04:10 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
