|
312451
|
7.8 |
HIGH
Local
|
iconics
mitsubishielectric
|
genesis64
mc_works64
|
Incorrect Default Permissions vulnerability in GenBroker32, which is included in the installers for ICONICS GENESIS64 version 10.97.3 and prior, Mitsubishi Electric GENESIS64 version 10.97.3 and prio…
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-7587
|
2024-11-6 02:24 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312452
|
- |
|
-
|
-
|
System logs could be accessed through web management application due to a lack of access control.
An attacker can obtain the following sensitive information:
• Wi-Fi access point credentials t…
|
-
|
CVE-2023-29114
|
2024-11-6 02:15 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312453
|
7.8 |
HIGH
Local
|
okta
|
verify
|
The Okta Device Access features, provided by the Okta Verify agent for Windows, provides access to the OktaDeviceAccessPipe, which enables attackers in a compromised device to retrieve passwords asso…
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-9191
|
2024-11-6 02:06 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312454
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability was found in ESAFENET CDG 5. It has been classified as critical. Affected is the function docHistory of the file /com/esafenet/servlet/fileManagement/FileDirectoryService.java. The ma…
|
CWE-89
SQL Injection
|
CVE-2024-10594
|
2024-11-6 02:05 |
2024-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312455
|
5.4 |
MEDIUM
Network
|
webcraftplugins
|
image_map_pro
|
The Image Map Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'save_project' function with an arbitrary shortcode in versions up to, and including, 6.0.20 due to insuffi…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9585
|
2024-11-6 02:05 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312456
|
9.8 |
CRITICAL
Network
|
esafenet
|
cdg
|
A vulnerability, which was classified as critical, was found in ESAFENET CDG 5. This affects the function deleteHook of the file /com/esafenet/servlet/policy/HookService.java. The manipulation of the…
|
CWE-89
SQL Injection
|
CVE-2024-10660
|
2024-11-6 02:04 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312457
|
9.8 |
CRITICAL
Network
|
esafenet
|
cdg
|
A vulnerability, which was classified as critical, has been found in ESAFENET CDG 5. Affected by this issue is the function delSystemEncryptPolicy of the file /com/esafenet/servlet/document/CDGAuthor…
|
CWE-89
SQL Injection
|
CVE-2024-10659
|
2024-11-6 02:04 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312458
|
5.4 |
MEDIUM
Network
|
webcraftplugins
|
image_map_pro
|
The Image Map Pro plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the AJAX functions in versions up to, and including, 6.…
|
CWE-862
Missing Authorization
|
CVE-2024-9584
|
2024-11-6 02:04 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312459
|
3.5 |
LOW
Network
|
mattermost
|
mattermost
|
Mattermost versions 9.11.X <= 9.11.1, 9.5.x <= 9.5.9 icorrectly issues two sessions when using desktop SSO - one in the browser and one in desktop with incorrect settings.
|
NVD-CWE-Other
|
CVE-2024-10214
|
2024-11-6 02:03 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312460
|
9.8 |
CRITICAL
Network
|
fabinros
|
simple_car_rental_system
|
A vulnerability classified as critical has been found in code-projects Simple Car Rental System 1.0. Affected is an unknown function of the file /signup.php. The manipulation of the argument fname le…
|
CWE-89
SQL Injection
|
CVE-2024-10702
|
2024-11-6 01:52 |
2024-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
