|
311681
|
3.5 |
LOW
Network
|
mattermost
|
mattermost
|
Mattermost versions 9.11.X <= 9.11.1, 9.5.x <= 9.5.9 icorrectly issues two sessions when using desktop SSO - one in the browser and one in desktop with incorrect settings.
|
NVD-CWE-Other
|
CVE-2024-10214
|
2024-11-6 02:03 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311682
|
9.8 |
CRITICAL
Network
|
fabinros
|
simple_car_rental_system
|
A vulnerability classified as critical has been found in code-projects Simple Car Rental System 1.0. Affected is an unknown function of the file /signup.php. The manipulation of the argument fname le…
|
CWE-89
SQL Injection
|
CVE-2024-10702
|
2024-11-6 01:52 |
2024-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311683
|
6.1 |
MEDIUM
Network
|
phpgurukul
|
car_rental_portal
|
A vulnerability was found in PHPGurukul Car Rental Portal 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /search.php. The manipulation of the argument s…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10701
|
2024-11-6 01:52 |
2024-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311684
|
6.5 |
MEDIUM
Network
|
cert
|
vince
|
VINCE versions before 3.0.9 is vulnerable to exposure of User information to authenticated users.
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-10469
|
2024-11-6 01:51 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311685
|
4.8 |
MEDIUM
Adjacent
|
argo_workflows_project
|
argo_workflows
|
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Due to a race condition in a global variable in 3.6.0-rc1, the argo workflows controll…
|
CWE-362
CWE-1108
Race Condition
Excessive Reliance on Global Variables
|
CVE-2024-47827
|
2024-11-6 01:50 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311686
|
7.5 |
HIGH
Network
|
squid-cache
|
squid
|
Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resour…
|
NVD-CWE-noinfo
|
CVE-2024-45802
|
2024-11-6 01:45 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311687
|
7.5 |
HIGH
Network
|
ruby-lang
|
rexml
|
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). …
|
CWE-1333
Inefficient Regular Expression Complexity
|
CVE-2024-49761
|
2024-11-6 01:41 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311688
|
7.5 |
HIGH
Network
|
ibm
|
cics_transaction_gateway
|
IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retr…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2023-50310
|
2024-11-6 01:40 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311689
|
- |
|
-
|
-
|
Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at ru_wan_flow.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via…
|
-
|
CVE-2024-52030
|
2024-11-6 01:35 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311690
|
- |
|
-
|
-
|
Netgear R7000P v1.3.3.154 was discovered to contain a stack overflow via the pptp_user_netmask parameter at genie_pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via …
|
-
|
CVE-2024-52029
|
2024-11-6 01:35 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
