| 2391 | - | - | - | A reflected Cross-Site Scripting (XSS) vulnerability exists in the login page of IceHRM v32.4.0.OS. The vulnerability is due to improper sanitization of the "next" parameter, which is included in the… | - | CVE-2024-46073 | 2025-01-7 05:15 | 2025-01-7 |
| 2392 | - | - | - | File Upload vulnerability in ChestnutCMS through 1.5.0. Based on the code analysis, it was determined that the /api/member/avatar API endpoint receives a base64 string as input. This string is then p… | - | CVE-2024-56828 | 2025-01-7 03:15 | 2025-01-7 |
| 2393 | - | - | - | Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data (out of band data) can lead to S… | CWE-437 | CVE-2024-55629 | 2025-01-7 03:15 | 2025-01-7 |
| 2394 | - | - | - | Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messa… | CWE-405 CWE-779 Asymmetric Resource Consumption (Amplification) | CVE-2024-55628 | 2025-01-7 03:15 | 2025-01-7 |
| 2395 | - | - | - | Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer ov… | CWE-191 CWE-122: Integer Underflow (Wrap or Wraparound); Heap-based Buffer Overflow | CVE-2024-55627 | 2025-01-7 03:15 | 2025-01-7 |
| 2396 | - | - | - | Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large BPF filter file provided to Suricata at startup can lead … | CWE-680: Integer Overflow to Buffer Overflow | CVE-2024-55626 | 2025-01-7 03:15 | 2025-01-7 |
| 2397 | - | - | - | NiceGUI is an easy-to-use, Python-based UI framework. Prior to 2.9.1, authenticating with NiceGUI logged in the user for all browsers, including browsers in incognito mode. This vulnerability is fixe… | CWE-287: Improper Authentication | CVE-2025-21618 | 2025-01-7 02:15 | 2025-01-7 |
| 2398 | - | - | - | AAT (Another Activity Tracker) is a GPS-tracking application for tracking sportive activities, with emphasis on cycling. Versions lower than v1.26 of AAT are vulnerable to data exfiltration from mali… | CWE-200: Information Exposure | CVE-2025-21615 | 2025-01-7 02:15 | 2025-01-7 |
| 2399 | - | - | - | go-git is a highly extensible git implementation library written in pure Go. A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.13. This vulnerability allows an att… | CWE-400 CWE-770: Uncontrolled Resource Consumption; Allocation of Resources Without Limits or Throttling | CVE-2025-21614 | 2025-01-7 02:15 | 2025-01-7 |
| 2400 | - | - | - | go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vuln… | CWE-88: Argument Injection | CVE-2025-21613 | 2025-01-7 02:15 | 2025-01-7 |