|
315551
|
9.8 |
CRITICAL
Network
|
gematik
|
reference_validator
|
The reference validator is a tool to perform advanced validation of FHIR resources for TI applications and interoperability standards. The profile location routine in the referencevalidator commons p…
|
CWE-611
XXE
|
CVE-2024-46984
|
2024-09-26 02:49 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315552
|
9.8 |
CRITICAL
Network
|
code-projects
|
crud_operation_system
|
A vulnerability, which was classified as critical, was found in code-projects Crud Operation System 1.0. Affected is an unknown function of the file updata.php. The manipulation of the argument sid l…
|
CWE-89
SQL Injection
|
CVE-2024-9011
|
2024-09-26 02:48 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315553
|
9.8 |
CRITICAL
Network
|
fabianros
|
online_quiz_site
|
A vulnerability, which was classified as critical, has been found in code-projects Online Quiz Site 1.0. This issue affects some unknown processing of the file showtest.php. The manipulation of the a…
|
CWE-89
SQL Injection
|
CVE-2024-9009
|
2024-09-26 02:46 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315554
|
9.8 |
CRITICAL
Network
|
antfin
|
sofa-hessian
|
sofa-hessian is an internal improved version of Hessian3/4 powered by Ant Group CO., Ltd. The SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous cla…
|
NVD-CWE-noinfo
|
CVE-2024-46983
|
2024-09-26 02:46 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315555
|
7.5 |
HIGH
Network
|
traefik
|
traefik
|
Traefik is a golang, Cloud Native Application Proxy. When a HTTP request is processed by Traefik, certain HTTP headers such as X-Forwarded-Host or X-Forwarded-Port are added by Traefik before the req…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2024-45410
|
2024-09-26 02:39 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315556
|
9.8 |
CRITICAL
Network
|
d7y
|
dragonfly
|
Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation (CNCF) as an Incubating Level Project. Dragonfly uses JWT …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2023-27584
|
2024-09-26 02:28 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315557
|
6.5 |
MEDIUM
Network
|
envoyproxy
|
envoy
|
Envoy is a cloud-native high-performance edge/middle/service proxy. A vulnerability has been identified in Envoy that allows malicious attackers to inject unexpected content into access logs. This is…
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2024-45808
|
2024-09-26 02:18 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315558
|
5.3 |
MEDIUM
Network
|
jflow_project
|
jflow
|
A vulnerability was found in Jinan Chicheng Company JFlow 2.0.0. It has been rated as problematic. This issue affects the function AttachmentUploadController of the file /WF/Ath/EntityMutliFile_Load.…
|
NVD-CWE-Other
|
CVE-2024-9003
|
2024-09-26 02:18 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315559
|
7.5 |
HIGH
Network
|
envoyproxy
|
envoy
|
Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's 1.31 is using `oghttp` as the default HTTP/2 codec, and there are potential bugs around stream management in the codec. To …
|
NVD-CWE-noinfo
|
CVE-2024-45807
|
2024-09-26 02:12 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315560
|
5.4 |
MEDIUM
Network
|
cryoutcreations
|
kahuna
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Kahuna allows Stored XSS.This issue affects Kahuna: from n/a through 1.7.0.
|
CWE-79
Cross-site Scripting
|
CVE-2024-43994
|
2024-09-26 02:09 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
