|
315491
|
3.3 |
LOW
Local
|
ofono_project
|
ofono
|
oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An a…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-7540
|
2024-08-30 02:58 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315492
|
3.3 |
LOW
Local
|
ofono_project
|
ofono
|
oFono AT CMT Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An at…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-7541
|
2024-08-30 02:57 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315493
|
3.3 |
LOW
Local
|
ofono_project
|
ofono
|
oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An a…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-7542
|
2024-08-30 02:56 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315494
|
7.8 |
HIGH
Local
|
ofono_project
|
ofono
|
oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to execute arbitrary code on affected installations of oFono. An attacker mus…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7546
|
2024-08-30 02:55 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315495
|
5.4 |
MEDIUM
Network
|
haloservicesolutions
|
haloitsm
|
HaloITSM versions up to 2.146.1 are affected by a Stored Cross-Site Scripting (XSS) vulnerability. The injected JavaScript code can execute arbitrary action on behalf of the user accessing a ticket. …
|
CWE-79
Cross-site Scripting
|
CVE-2024-6200
|
2024-08-30 02:53 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315496
|
5.3 |
MEDIUM
Network
|
haloservicesolutions
|
haloitsm
|
HaloITSM versions up to 2.146.1 are affected by a Template Injection vulnerability within the engine used to generate emails. This can lead to the leakage of potentially sensitive information. HaloIT…
|
NVD-CWE-Other
|
CVE-2024-6201
|
2024-08-30 02:52 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315497
|
9.8 |
CRITICAL
Network
|
haloservicesolutions
|
haloitsm
|
HaloITSM versions up to 2.146.1 are affected by a SAML XML Signature Wrapping (XSW) vulnerability. When having a SAML integration configured, anonymous actors could impersonate arbitrary HaloITSM use…
|
CWE-863
Incorrect Authorization
|
CVE-2024-6202
|
2024-08-30 02:48 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315498
|
8.1 |
HIGH
Network
|
haloservicesolutions
|
haloitsm
|
HaloITSM versions up to 2.146.1 are affected by a Password Reset Poisoning vulnerability. Poisoned password reset links can be sent to existing HaloITSM users (given their email address is known). Wh…
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2024-6203
|
2024-08-30 02:46 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315499
|
6.1 |
MEDIUM
Network
|
mozilla
|
firefox
firefox_esr
|
Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker a…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7524
|
2024-08-30 02:35 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315500
|
6.1 |
MEDIUM
Network
|
insurance_management_system_project
|
insurance_management_system
|
A vulnerability has been found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file editCl…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8208
|
2024-08-30 02:27 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
