|
310951
|
5.9 |
MEDIUM
Network
|
ibm
|
txseries_for_multiplatforms
|
IBM TXSeries for Multiplatforms 10.1 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the …
|
NVD-CWE-noinfo
|
CVE-2024-41738
|
2024-11-15 05:51 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310952
|
7.8 |
HIGH
Local
|
bytecodealliance
|
webassembly_micro_runtime
|
An issue in bytecodealliance wasm-micro-runtime before v.b3f728c and fixed in commit 06df58f allows a remote attacker to escalate privileges via a crafted file to the check_was_abi_compatibility func…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-25431
|
2024-11-15 05:42 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310953
|
5.3 |
MEDIUM
Network
|
ibm
|
txseries_for_multiplatforms
|
IBM TXSeries for Multiplatforms 10.1 could allow an attacker to determine valid usernames due to an observable timing discrepancy which could be used in further attacks against the system.
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-41741
|
2024-11-15 05:42 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310954
|
8.8 |
HIGH
Network
|
sbond
|
watcharr
|
A vulnerability in a weak JWT token in Watcharr v1.43.0 and below allows attackers to perform privilege escalation using a crafted JWT token. This vulnerability is not limited to privilege escalation…
|
NVD-CWE-noinfo
|
CVE-2024-50634
|
2024-11-15 05:40 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310955
|
7.8 |
HIGH
Local
|
artifex
debian
suse
|
ghostscript
debian_linux
linux_enterprise_high_performance_computing
linux_enterprise_server
linux_enterprise_server_for_sap
|
An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.
|
CWE-125
Out-of-bounds Read
|
CVE-2024-46956
|
2024-11-15 05:39 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310956
|
6.7 |
MEDIUM
Local
|
fortinet
|
forticlient
|
An improper verification of cryptographic signature vulnerability [CWE-347] in FortiClient MacOS version 7.4.0, version 7.2.4 and below, version 7.0.10 and below, version 6.4.10 and below may allow a…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2024-40592
|
2024-11-15 05:37 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310957
|
8.8 |
HIGH
Local
|
fortinet
|
forticlient
|
A privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version 7.0.12 and below, 6.4 all versions may allow an authenticated user to escalate thei…
|
CWE-270
Privilege Context Switching Error
|
CVE-2024-36513
|
2024-11-15 05:35 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310958
|
6.1 |
MEDIUM
Network
|
ibm
|
cics_tx
|
IBM CICS TX Standard is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functiona…
|
CWE-79
Cross-site Scripting
|
CVE-2024-41745
|
2024-11-15 05:35 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310959
|
- |
|
-
|
-
|
An issue in the API endpoint /AccountMaster/GetCurrentUserInfo of INROAD before v202402060 allows attackers to access sensitive information via a crafted payload to the UserNameOrPhoneNumber paramete…
|
-
|
CVE-2024-46635
|
2024-11-15 05:35 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310960
|
4.4 |
MEDIUM
Local
|
fortinet
|
fortiweb
|
An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiWeb version 7.6.0, version 7.4.3 and below, version 7.2.10 and below, version 7.0.10 and …
|
CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
|
CVE-2024-36509
|
2024-11-15 05:33 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
