|
316741
|
4.8 |
MEDIUM
Network
|
tpmecms
|
tpmecms
|
A vulnerability, which was classified as problematic, was found in xiaohe4966 TpMeCMS 1.3.3.2. Affected is an unknown function of the file /h.php/general/config?ref=addtabs of the component Basic Con…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7900
|
2024-08-21 04:32 |
2024-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316742
|
7.2 |
HIGH
Network
|
innocms
|
innocms
|
A vulnerability, which was classified as critical, has been found in InnoCMS 0.3.1. This issue affects some unknown processing of the file /panel/pages/1/edit of the component Backend. The manipulati…
|
CWE-94
Code Injection
|
CVE-2024-7899
|
2024-08-21 04:32 |
2024-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316743
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (ltc2991) re-order conditions to fix off by one bug
LTC2991_T_INT_CH_NR is 4. The st->temp_en[] array has LTC2991_MAX_CHA…
|
CWE-193
Off-by-one Error
|
CVE-2024-43852
|
2024-08-21 04:32 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316744
|
4.4 |
MEDIUM
Local
|
paloaltonetworks
|
pan-os
|
An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. A read…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-5916
|
2024-08-21 04:30 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316745
|
5.4 |
MEDIUM
Network
|
stitionai
|
devika
|
A stored cross site scripting vulnerabilities exists in DevikaAI from commit 6acce21fb08c3d1123ef05df6a33912bf0ee77c2 onwards via improperly decoded user input.
|
CWE-79
Cross-site Scripting
|
CVE-2024-7790
|
2024-08-21 04:27 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316746
|
4.3 |
MEDIUM
Network
|
f5
|
big-ip_access_policy_manager
big-ip_advanced_firewall_manager
big-ip_advanced_web_application_firewall
big-ip_analytics
big-ip_application_acceleration_manager
big-ip_application_secur…
|
Undisclosed requests to BIG-IP iControl REST can lead to information leak of user account names. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
|
NVD-CWE-noinfo
|
CVE-2024-41723
|
2024-08-21 04:26 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316747
|
7.8 |
HIGH
Local
|
adobe
|
acrobat
acrobat_dc
acrobat_reader
acrobat_reader_dc
|
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context …
|
CWE-416
Use After Free
|
CVE-2024-39383
|
2024-08-21 04:26 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316748
|
5.3 |
MEDIUM
Network
|
f5
|
big-ip_next_central_manager
|
BIG-IP Next Central Manager may allow an attacker to lock out an account that has never been logged in. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
|
CWE-287
Improper Authentication
|
CVE-2024-37028
|
2024-08-21 04:26 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316749
|
7.5 |
HIGH
Network
|
f5
|
big-ip_access_policy_manager
big-ip_advanced_firewall_manager
big-ip_advanced_web_application_firewall
big-ip_analytics
big-ip_application_acceleration_manager
big-ip_application_secur…
|
In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs) using Intel E810 SR-IOV NIC, undisclosed traffic can cause an increase in memory resource utilization.
…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-41727
|
2024-08-21 04:25 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316750
|
5.5 |
MEDIUM
Local
|
xpdfreader
|
xpdf
|
In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow.
|
CWE-674
Uncontrolled Recursion
|
CVE-2024-7866
|
2024-08-21 04:23 |
2024-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
