|
315021
|
5.4 |
MEDIUM
Network
|
rems
|
online_timesheet_app
|
A vulnerability has been found in SourceCodester Online Timesheet App 1.0 and classified as problematic. This vulnerability affects unknown code of the file /endpoint/add-timesheet.php of the compone…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9320
|
2024-10-1 22:28 |
2024-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315022
|
2.9 |
LOW
Physics
|
opensc_project
redhat
|
opensc
enterprise_linux
|
A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-8443
|
2024-10-1 22:15 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315023
|
5.4 |
MEDIUM
Network
|
mayurik
|
free_and_open_source_inventory_management_system
|
A vulnerability was found in SourceCodester Inventory Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /app/action/ad…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9323
|
2024-10-1 21:55 |
2024-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315024
|
9.8 |
CRITICAL
Network
|
endress
|
echo_curve_viewer
fieldcare_sfe500_package
field_xpert_smt79_firmware
field_xpert_smt77_firmware
field_xpert_smt70_firmware
field_xpert_smt50_firmware
|
An unauthenticated remote attacker can run malicious c# code included in curve files and execute commands in the users context.
|
CWE-94
Code Injection
|
CVE-2024-6596
|
2024-10-1 21:26 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315025
|
9.8 |
CRITICAL
Network
|
openfga
|
openfga
|
OpenFGA is an authorization/permission engine. OpenFGA v1.5.7 and v1.5.8 are vulnerable to authorization bypass when calling Check API with a model that uses `but not` and `from` expressions and a us…
|
CWE-863
Incorrect Authorization
|
CVE-2024-42473
|
2024-10-1 21:21 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315026
|
9.8 |
CRITICAL
Network
|
mayurik
|
advocate_office_management_system
|
A vulnerability was found in SourceCodester Advocate Office Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /control/forgot_pass.php. The manipu…
|
CWE-89
SQL Injection
|
CVE-2024-9296
|
2024-10-1 20:36 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315027
|
9.8 |
CRITICAL
Network
|
mayurik
|
advocate_office_management_system
|
A vulnerability was found in SourceCodester Advocate Office Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /control/login.php. The manipulati…
|
CWE-89
SQL Injection
|
CVE-2024-9295
|
2024-10-1 20:36 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315028
|
9.8 |
CRITICAL
Network
|
mayurik
|
advocate_office_management_system
|
A vulnerability was found in SourceCodester Advocate Office Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /control/edit_client.php. The …
|
CWE-89
SQL Injection
|
CVE-2024-9328
|
2024-10-1 20:34 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315029
|
5.4 |
MEDIUM
Network
|
mattermost
|
mattermost_server
|
Mattermost versions 9.11.x <= 9.11.0, 9.10.x <= 9.10.1, 9.9.x <= 9.9.2 and 9.5.x <= 9.5.8 fail to properly authorize requests when viewing archived channels is disabled, which allows an attacker to r…
|
NVD-CWE-noinfo
|
CVE-2024-42406
|
2024-10-1 20:15 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315030
|
4.4 |
MEDIUM
Local
|
codesys
|
oscat_basic_library
|
Out-of-Bounds read vulnerability in OSCAT Basic Library allows an local, unprivileged attacker to access limited internal data of the PLC which may lead to a crash of the affected service.
|
CWE-125
Out-of-bounds Read
|
CVE-2024-6876
|
2024-10-1 16:15 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
