|
314561
|
5.7 |
MEDIUM
Network
|
enalean
|
tuleap
|
Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.40, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2024-46988
|
2024-10-16 23:07 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314562
|
5.4 |
MEDIUM
Network
|
ultimatemember
|
ultimate_member
|
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's '…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8519
|
2024-10-16 23:06 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314563
|
4.8 |
MEDIUM
Network
|
enalean
|
tuleap
|
Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15…
|
CWE-79
Cross-site Scripting
|
CVE-2024-46980
|
2024-10-16 23:05 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314564
|
7.5 |
HIGH
Network
|
acronis
|
cyber_protect
|
Cleartext transmission of sensitive information in acep-collector service. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2024-49387
|
2024-10-16 22:58 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314565
|
9.1 |
CRITICAL
Network
|
acronis
|
cyber_protect
|
Sensitive information manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-49388
|
2024-10-16 22:57 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314566
|
4.3 |
MEDIUM
Adjacent
|
acronis
|
cyber_protect
|
Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
|
NVD-CWE-Other
|
CVE-2024-49383
|
2024-10-16 22:53 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314567
|
4.3 |
MEDIUM
Adjacent
|
acronis
|
cyber_protect
|
Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
|
NVD-CWE-Other
|
CVE-2024-49382
|
2024-10-16 22:53 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314568
|
4.3 |
MEDIUM
Adjacent
|
acronis
|
cyber_protect
|
Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
|
NVD-CWE-Other
|
CVE-2024-49384
|
2024-10-16 22:52 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314569
|
7.8 |
HIGH
Local
|
electronics.jtekt
|
kostac_plc_programming_software
|
Out-of-bounds write vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project f…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-47134
|
2024-10-16 22:50 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314570
|
8.8 |
HIGH
Network
|
rems
|
drag_and_drop_image_upload
|
A vulnerability was found in SourceCodester Drag and Drop Image Upload 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /upload.php. The manipulati…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-9975
|
2024-10-16 22:44 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
