|
601
|
- |
|
-
|
-
|
An issue in the validate_email function in CTFd/utils/validators/__init__.py of CTFd 3.7.3 allows attackers to cause a Regular expression Denial of Service (ReDoS) via supplying a crafted string as e…
|
-
|
CVE-2024-46242
|
2025-01-8 01:15 |
2025-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
602
|
8.2 |
HIGH
Network
-
|
-
|
IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow an unauthorized user to obtain valid tokens to gain access to protected resources due to improper certificate validat…
|
CWE-295
Improper Certificate Validation
|
CVE-2024-40702
|
2025-01-8 01:15 |
2025-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
603
|
6.5 |
MEDIUM
Network
|
-
|
-
|
IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 is vulnerable to exposure of Artifactory API keys. This vulnerability allows users to publish code to private packages or reposit…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-28778
|
2025-01-8 01:15 |
2025-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
604
|
4.3 |
MEDIUM
Network
|
-
|
-
|
IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser.
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2024-25037
|
2025-01-8 01:15 |
2025-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
605
|
4.3 |
MEDIUM
Network
|
-
|
-
|
IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2022-22363
|
2025-01-8 01:15 |
2025-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
606
|
3.7 |
LOW
Network
|
-
|
-
|
IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2021-20455
|
2025-01-8 01:15 |
2025-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
607
|
- |
|
-
|
-
|
A vulnerability was found in code-projects Online Book Shop 1.0. It has been classified as critical. This affects an unknown part of the file /booklist.php. The manipulation of the argument subcatid …
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0296
|
2025-01-8 01:15 |
2025-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
608
|
- |
|
-
|
-
|
A vulnerability was found in code-projects Online Book Shop 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /booklist.php?subcatid=1. The manipulat…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2025-0295
|
2025-01-8 01:15 |
2025-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
609
|
- |
|
-
|
-
|
A malicious or compromised MacPorts mirror can execute arbitrary commands as root on the machine of a client running port selfupdate against the mirror.
|
-
|
CVE-2024-11681
|
2025-01-8 01:15 |
2025-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
610
|
- |
|
-
|
-
|
The Category Posts Widget WordPress plugin before 4.9.18 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting…
|
-
|
CVE-2024-9638
|
2025-01-8 01:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
