|
761
|
4.8 |
MEDIUM
Network
|
lopalopa
|
e-learning_management_system
|
A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/teachers.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitra…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-50836
|
2024-11-19 03:35 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
762
|
7.8 |
HIGH
Local
|
adobe
|
animate
|
Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-49528
|
2024-11-19 03:34 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
763
|
5.5 |
MEDIUM
Local
|
microsoft
|
windows_server_2008
windows_server_2012
windows_server_2025
windows_10_1809
windows_server_2019
windows_server_2022
windows_10_21h2
windows_11_22h2
windows_10_22h2
windows_…
|
Windows Package Library Manager Information Disclosure Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-38203
|
2024-11-19 03:23 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
764
|
7.2 |
HIGH
Network
|
ivanti
|
endpoint_manager
|
SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code …
Update
|
CWE-89
SQL Injection
|
CVE-2024-50327
|
2024-11-19 03:16 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
765
|
7.2 |
HIGH
Network
|
ivanti
|
endpoint_manager
|
SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code …
Update
|
CWE-89
SQL Injection
|
CVE-2024-50326
|
2024-11-19 03:15 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
766
|
9.8 |
CRITICAL
Network
gzequan
|
eq_enterprise_management_system
|
An issue in EQ Enterprise Management System before v2.0.0 allows attackers to execute a directory traversal via crafted requests.
Update
|
CWE-22
Path Traversal
|
CVE-2024-44761
|
2024-11-19 03:15 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
767
|
6.1 |
MEDIUM
Network
|
cysoft168
|
super_easy_enterprise_management_system
|
Cross Site Scripting vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the /WebSet/DlgGridSet.html …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-42678
|
2024-11-19 03:15 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
768
|
7.2 |
HIGH
Network
|
ivanti
|
endpoint_manager
|
SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code …
Update
|
CWE-89
SQL Injection
|
CVE-2024-50328
|
2024-11-19 03:08 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
769
|
8.8 |
HIGH
Network
|
ivanti
|
endpoint_manager
|
Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote unauthenticated attacker to achieve remote code execution. User int…
Update
|
CWE-22
Path Traversal
|
CVE-2024-50329
|
2024-11-19 03:07 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
770
|
7.8 |
HIGH
Local
|
adobe
|
photoshop
|
Photoshop Desktop versions 24.7.3, 25.11 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the curren…
Update
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2024-49514
|
2024-11-19 03:06 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
