|
314211
|
7.5 |
HIGH
Network
|
skyport
|
skyportd
|
Skyport Daemon (skyportd) is the daemon for the Skyport Panel. By making thousands of folders & files (easy due to skyport's lack of rate limiting on createFolder. createFile), skyportd in a lot of c…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-42481
|
2024-09-17 02:10 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314212
|
7.8 |
HIGH
Local
|
ultimaker
|
ultimaker_cura
|
UltiMaker Cura slicer versions 5.7.0-beta.1 through 5.7.2 are vulnerable to code injection via the 3MF format reader (/plugins/ThreeMFReader.py). The vulnerability arises from improper handling of th…
|
CWE-94
Code Injection
|
CVE-2024-8374
|
2024-09-17 01:44 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314213
|
6.4 |
MEDIUM
Network
|
halo
|
halo
|
Halo is an open source website building tool. A security vulnerability has been identified in versions prior to 2.19.0 of the Halo project. This vulnerability allows an attacker to execute malicious …
|
CWE-79
Cross-site Scripting
|
CVE-2024-43793
|
2024-09-17 01:28 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314214
|
6.1 |
MEDIUM
Network
|
halo
|
halo
|
Halo is an open source website building tool. A security vulnerability has been identified in versions prior to 2.17.0 of the Halo project. This vulnerability allows an attacker to execute malicious …
|
CWE-79
Cross-site Scripting
|
CVE-2024-43792
|
2024-09-17 01:26 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314215
|
8.2 |
HIGH
Network
|
sap
|
bex_web_java_runtime_export_web_service
|
BEx Web Java Runtime Export Web Service does not
sufficiently validate an XML document accepted from an untrusted source. An
attacker can retrieve information from the SAP ADS system and exhaust the
…
|
CWE-91
Blind XPath Injection
|
CVE-2024-42374
|
2024-09-17 01:25 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314216
|
9.1 |
CRITICAL
Network
|
sap
|
commerce_cloud
|
Some OCC API endpoints in SAP Commerce Cloud
allows Personally Identifiable Information (PII) data, such as passwords, email
addresses, mobile numbers, coupon codes, and voucher codes, to be included…
|
NVD-CWE-noinfo
|
CVE-2024-33003
|
2024-09-17 01:22 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314217
|
7.5 |
HIGH
Network
|
github
|
actions\/artifact
actions_toolkit
|
actions/artifact is the GitHub ToolKit for developing GitHub Actions. Versions of `actions/artifact` before 2.1.7 are vulnerable to arbitrary file write when using `downloadArtifactInternal`, `downl…
|
CWE-22
Path Traversal
|
CVE-2024-42471
|
2024-09-17 01:18 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314218
|
4.3 |
MEDIUM
Network
|
sap
|
business_objects_business_intelligence_platform
|
SAP BusinessObjects Business Intelligence
Platform allows an authenticated attacker to upload malicious code over the
network, that could be executed by the application. On successful
exploitat…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-28166
|
2024-09-17 01:17 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314219
|
5.3 |
MEDIUM
Network
|
mainwww
|
mwcms
|
A vulnerability was found in Fujian mwcms 1.0.0. It has been declared as critical. Affected by this vulnerability is the function uploadeditor of the file /uploadeditor.html?action=uploadimage of the…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-7705
|
2024-09-17 01:15 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314220
|
4.4 |
MEDIUM
Local
|
dell
|
insightiq
|
Dell PowerScale InsightIQ, version 5.1, contain an Improper Privilege Management vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to D…
|
NVD-CWE-noinfo
|
CVE-2024-39574
|
2024-09-17 00:59 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
