|
171
|
8.8 |
HIGH
Network
|
microsoft
|
sql_server_2016
sql_server_2017
sql_server_2019
|
SQL Server Native Client Remote Code Execution Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-48993
|
2024-11-20 04:06 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
172
|
5.4 |
MEDIUM
Network
|
k5n
|
webcalendar
|
A stored cross-site scripting (XSS) vulnerability exists in craigk5n/webcalendar version 1.3.0. The vulnerability occurs in the 'Report Name' input field while creating a new report. An attacker can …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-1097
|
2024-11-20 04:05 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
173
|
9.8 |
CRITICAL
Network
tp-link
|
vn020-f3v\(t\)_firmware
|
A vulnerability, which was classified as critical, has been found in TP-Link VN020 F3v(T) TT_V6.2.1021. Affected by this issue is some unknown functionality of the component DHCP DISCOVER Packet Pars…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-11237
|
2024-11-20 04:04 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
174
|
6.1 |
MEDIUM
Network
|
pyload
|
pyload
|
An open redirection vulnerability exists in pyload/pyload version 0.5.0. The vulnerability is due to improper handling of the 'next' parameter in the login functionality. An attacker can exploit this…
Update
|
CWE-601
Open Redirect
|
CVE-2024-1240
|
2024-11-20 04:04 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
175
|
5.3 |
MEDIUM
Network
landray
|
landray_ekp
|
A vulnerability, which was classified as critical, was found in Landray EKP up to 16.0. This affects the function delPreviewFile of the file /sys/ui/sys_ui_component/sysUiComponent.do?method=delPrevi…
Update
|
CWE-22
Path Traversal
|
CVE-2024-11238
|
2024-11-20 04:01 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
176
|
7.2 |
HIGH
Network
|
eyoucms
|
eyoucms
|
A vulnerability classified as critical has been found in EyouCMS up to 1.6.7. Affected is an unknown function of the component Website Logo Handler. The manipulation leads to unrestricted upload. It …
Update
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-11211
|
2024-11-20 04:01 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
177
|
4.3 |
MEDIUM
Network
|
landray
|
landray_ekp
|
A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. This vulnerability affects the function deleteFile of the file /sys/common/import.do?method=deleteFile of the comp…
Update
|
CWE-22
Path Traversal
|
CVE-2024-11239
|
2024-11-20 04:00 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
178
|
5.4 |
MEDIUM
Network
|
eyoucms
|
eyoucms
|
A vulnerability was found in EyouCMS 1.51. It has been rated as critical. This issue affects the function editFile of the file application/admin/logic/FilemanagerLogic.php. The manipulation of the ar…
Update
|
CWE-22
Path Traversal
|
CVE-2024-11210
|
2024-11-20 03:42 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
179
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets
TCP_SYN_RECV state is really special, it is only used by
cross-syn co…
Update
|
-
|
CVE-2024-36905
|
2024-11-20 03:35 |
2024-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
180
|
9.8 |
CRITICAL
Network
zimbra
|
collaboration
|
An issue in Zimbra Collaboration (ZCS) v.8.8.15 and v.9.0 allows a remote attacker to escalate privileges and obtain sensitive information via the password and 2FA parameters.
Update
|
NVD-CWE-noinfo
|
CVE-2023-29381
|
2024-11-20 03:35 |
2023-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
