771 | 6.5 | MEDIUM Network | progress | telerik_document_processing_libraries | In Progress Telerik Document Processing Libraries, versions prior to 2024 Q4 (2024.4.1106), importing a document with unsupported features can lead to excessive processing, leading to excessive use o… | Update | NVD-CWE-noinfo | CVE-2024-8049 | 2024-11-19 02:46 | 2024-11-14
772 | 6.2 | MEDIUM Local | progress | telerik_report_server | In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this informat… | Update | CWE-798 Use of Hard-coded Credentials | CVE-2024-7295 | 2024-11-19 02:41 | 2024-11-14
773 | - | | - | - | A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to recover service account passwords that are saved on an affected syste… | New | CWE-200 Information Exposure | CVE-2020-3525 | 2024-11-19 02:35 | 2024-11-19
774 | - | | - | - | Holy Stone Remote ID Module HSRID01, firmware distributed with the Drone Go2 mobile application before 1.1.8, allows unauthenticated "remote power off" actions (in broadcast mode) via multiple read o… | Update | - | CVE-2024-52876 | 2024-11-19 02:35 | 2024-11-17
775 | 8.7 | HIGH Network | snipeitapp | snipe-it | Stored Cross-Site Scripting (XSS) vulnerability in Snipe-IT - v7.0.13 allows an attacker to upload a malicious XML file containing JavaScript code. This can lead to privilege escalation when the payl… | Update | CWE-79 Cross-site Scripting | CVE-2024-51093 | 2024-11-19 02:34 | 2024-11-13
776 | 9.0 | CRITICAL Network | xwiki | pdf_viewer_macro | macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. The width parameter of the PDF viewer macro isn't properly escaped, allowing XSS for any user who can edit a page. XSS can impact… | Update | CWE-79 Cross-site Scripting | CVE-2024-52300 | 2024-11-19 02:29 | 2024-11-14
777 | 7.5 | HIGH Network | xwiki | pdf_viewer_macro | macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. Any user with view right on XWiki.PDFViewerService can access any attachment stored in the wiki as the "key" that is passed to pr… | Update | NVD-CWE-noinfo | CVE-2024-52299 | 2024-11-19 02:29 | 2024-11-14
778 | 7.5 | HIGH Network | xwiki | pdf_viewer_macro | macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. The PDF Viewer macro allows an attacker to view any attachment using the "Delegate my view right" feature as long as the attacker… | Update | NVD-CWE-noinfo | CVE-2024-52298 | 2024-11-19 02:29 | 2024-11-14
779 | 8.1 | HIGH Network | mayurik | hospital_management_system | A vulnerability classified as problematic has been found in SourceCodester Hospital Management System 1.0. This affects an unknown part of the file /vm/patient/delete-account.php. The manipulation of… | Update | CWE-639 Authorization Bypass Through User-Controlled Key | CVE-2024-11073 | 2024-11-19 02:21 | 2024-11-12
780 | 5.3 | MEDIUM Network | - | - | A vulnerability in the ipsecmgr process of Cisco ASR 5000 Series Software (StarOS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerabili… | New | CWE-119 Incorrect Access of Indexable Resource ('Range Error') | CVE-2021-1424 | 2024-11-19 02:15 | 2024-11-19