|
312311
|
6.2 |
MEDIUM
Local
|
progress
|
telerik_report_server
|
In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this informat…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-7295
|
2024-11-19 02:41 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312312
|
- |
|
-
|
-
|
A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to recover service account passwords that are saved on an affected syste…
|
CWE-200
Information Exposure
|
CVE-2020-3525
|
2024-11-19 02:35 |
2024-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312313
|
- |
|
-
|
-
|
Holy Stone Remote ID Module HSRID01, firmware distributed with the Drone Go2 mobile application before 1.1.8, allows unauthenticated "remote power off" actions (in broadcast mode) via multiple read o…
|
-
|
CVE-2024-52876
|
2024-11-19 02:35 |
2024-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312314
|
9.0 |
CRITICAL
Network
|
xwiki
|
pdf_viewer_macro
|
macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. The width parameter of the PDF viewer macro isn't properly escaped, allowing XSS for any user who can edit a page. XSS can impact…
|
CWE-79
Cross-site Scripting
|
CVE-2024-52300
|
2024-11-19 02:29 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312315
|
7.5 |
HIGH
Network
|
xwiki
|
pdf_viewer_macro
|
macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. Any user with view right on XWiki.PDFViewerService can access any attachment stored in the wiki as the "key" that is passed to pr…
|
NVD-CWE-noinfo
|
CVE-2024-52299
|
2024-11-19 02:29 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312316
|
7.5 |
HIGH
Network
|
xwiki
|
pdf_viewer_macro
|
macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. The PDF Viewer macro allows an attacker to view any attachment using the "Delegate my view right" feature as long as the attacker…
|
NVD-CWE-noinfo
|
CVE-2024-52298
|
2024-11-19 02:29 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312317
|
8.1 |
HIGH
Network
|
mayurik
|
hospital_management_system
|
A vulnerability classified as problematic has been found in SourceCodester Hospital Management System 1.0. This affects an unknown part of the file /vm/patient/delete-account.php. The manipulation of…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-11073
|
2024-11-19 02:21 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312318
|
5.5 |
MEDIUM
Local
|
isellerpal
|
enterprise_resource_management_system
|
An issue in Huizhi enterprise resource management system v.1.0 and before allows a local attacker to obtain sensitive information via the /nssys/common/filehandle. Aspx component
|
NVD-CWE-noinfo
|
CVE-2024-42677
|
2024-11-19 02:15 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312319
|
- |
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a directory traversal attack and obtain read access to …
|
-
|
CVE-2021-1465
|
2024-11-19 02:11 |
2024-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312320
|
4.6 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in a certain REST API endpoint of Cisco Data Center Network Manager (DCNM) Software could allow an authenticated, remote attacker to perform a path traversal attack on an affecte…
|
-
|
CVE-2020-3538
|
2024-11-19 02:11 |
2024-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
