|
315211
|
- |
|
-
|
-
|
Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0 and 9.3.0.8, including 8.3.x, discloses database passwords when searching metadata injectable fields.
|
-
|
CVE-2024-28981
|
2024-09-12 09:15 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315212
|
6.1 |
MEDIUM
Network
|
friendica
|
friendica
|
Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the location parameter of the calendar event feature.
|
CWE-79
Cross-site Scripting
|
CVE-2024-27729
|
2024-09-12 05:29 |
2024-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315213
|
6.5 |
MEDIUM
Network
|
elastic
|
apm_server
|
APM server logs contain document body from a partially failed bulk index request. For example, in case of unavailable_shards_exception for a specific document, since the ES response line contains the…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-37286
|
2024-09-12 05:20 |
2024-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315214
|
9.8 |
CRITICAL
Network
|
angeljudesuarez
|
airline_reservation_system
|
A vulnerability was found in itsourcecode Airline Reservation System 1.0. It has been rated as critical. Affected by this issue is the function save_settings of the file admin/admin_class.php. The ma…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-7500
|
2024-09-12 05:07 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315215
|
8.8 |
HIGH
Network
|
angeljudesuarez
|
tailoring_management_system
|
A vulnerability has been found in itsourcecode Tailoring Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /setlogo.php. The man…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-7506
|
2024-09-12 05:02 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315216
|
9.8 |
CRITICAL
Network
|
rainniar
|
bike_delivery_system
|
A vulnerability, which was classified as critical, was found in itsourcecode Bike Delivery System 1.0. Affected is an unknown function of the file contact_us_action.php. The manipulation of the argum…
|
CWE-89
SQL Injection
|
CVE-2024-7505
|
2024-09-12 04:53 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315217
|
6.5 |
MEDIUM
Network
|
cybozu
|
office
|
Insertion of sensitive information into sent data issue exists in Cybozu Office 10.0.0 to 10.8.6, which may allow a user who can login to the product to view data that the user does not have access b…
|
NVD-CWE-noinfo
|
CVE-2024-39817
|
2024-09-12 04:36 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315218
|
9.8 |
CRITICAL
Network
|
tenda
|
i22_firmware
|
A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as critical. Affected by this vulnerability is the function formApPortalWebAuth of the file /goform/apPortalAuth. The manipula…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-7585
|
2024-09-12 04:32 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315219
|
9.8 |
CRITICAL
Network
|
tenda
|
i22_firmware
|
A vulnerability, which was classified as critical, was found in Tenda i22 1.0.0.3(4687). Affected is the function formApPortalPhoneAuth of the file /goform/apPortalPhoneAuth. The manipulation of the …
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-7584
|
2024-09-12 04:25 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315220
|
7.8 |
HIGH
Local
|
jetbrains
|
teamcity
|
In JetBrains TeamCity before 2024.07.1 possible privilege escalation due to incorrect directory permissions
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-43114
|
2024-09-12 04:11 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
