Lucene search

K

1756-EN2TR Series A, B Security Vulnerabilities

nvd
nvd

CVE-2024-6043

A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. This affects the function login of the file admin_class.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The...

7.3CVSS

0.0004EPSS

2024-06-17 01:15 AM
2
cve
cve

CVE-2024-6043

A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. This affects the function login of the file admin_class.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The...

7.3CVSS

7.6AI Score

0.0004EPSS

2024-06-17 01:15 AM
4
cve
cve

CVE-2024-6042

A vulnerability was found in itsourcecode Real Estate Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file property-detail.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The...

7.3CVSS

6.8AI Score

0.0004EPSS

2024-06-17 12:15 AM
7
nvd
nvd

CVE-2024-6042

A vulnerability was found in itsourcecode Real Estate Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file property-detail.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The...

7.3CVSS

0.0004EPSS

2024-06-17 12:15 AM
3
osv
osv

Malicious code in airbnb-o2 (npm)

-= Per source details. Do not edit below this line.=- Source: ossf-package-analysis (15a37bd4059b76c7466684dfbc565c913af0ab4af849c5a643ce44d3bb7a4a6e) The OpenSSF Package Analysis project identified 'airbnb-o2' @ 13.37.1 (npm) as malicious. It is considered malicious because: The package...

7.1AI Score

2024-06-17 12:09 AM
2
vulnrichment
vulnrichment

CVE-2024-6043 SourceCodester Best House Rental Management System admin_class.php login sql injection

A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. This affects the function login of the file admin_class.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The...

7.3CVSS

7.5AI Score

0.0004EPSS

2024-06-17 12:00 AM
cvelist
cvelist

CVE-2024-6043 SourceCodester Best House Rental Management System admin_class.php login sql injection

A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. This affects the function login of the file admin_class.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The...

7.3CVSS

0.0004EPSS

2024-06-17 12:00 AM
3
openvas
openvas

Ubuntu: Security Advisory (USN-6818-3)

The remote host is missing an update for...

7.8CVSS

8.8AI Score

0.001EPSS

2024-06-17 12:00 AM
2
nessus
nessus

openSUSE 15 Security Update : php8 (SUSE-SU-2024:2039-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2024:2039-1 advisory. - CVE-2024-5458: Fixed an issue that allows to bypass filters in filter_var FILTER_VALIDATE_URL. (bsc#1226073) Tenable has extracted the preceding...

5.3CVSS

6.9AI Score

0.001EPSS

2024-06-17 12:00 AM
nessus
nessus

RHEL 8 : flatpak (RHSA-2024:3961)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3961 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fix(es): * flatpak: sandbox escape via...

8.4CVSS

8.6AI Score

0.0004EPSS

2024-06-17 12:00 AM
nessus
nessus

RHEL 8 : firefox (RHSA-2024:3952)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:3952 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades...

8AI Score

0.0004EPSS

2024-06-17 12:00 AM
cvelist
cvelist

CVE-2024-34833

Sourcecodester Payroll Management System v1.0 is vulnerable to File Upload. Users can upload images via the "save_settings" page. An unauthenticated attacker can leverage this functionality to upload a malicious PHP file instead. Successful exploitation of this vulnerability results in the ability....

0.0004EPSS

2024-06-17 12:00 AM
cvelist
cvelist

CVE-2024-36574

A Prototype Pollution issue in flatten-json 1.0.1 allows an attacker to execute arbitrary code via module.exports.unflattenJSON...

0.0004EPSS

2024-06-17 12:00 AM
nessus
nessus

Debian dla-3835 : roundcube - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3835 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3835-1 [email protected] ...

6.6AI Score

0.0004EPSS

2024-06-17 12:00 AM
1
vulnrichment
vulnrichment

CVE-2024-37620

PHPVOD v4.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the id parameter at...

6.2AI Score

0.0004EPSS

2024-06-17 12:00 AM
1
cvelist
cvelist

CVE-2024-37848

SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admin_delete.php...

0.0004EPSS

2024-06-17 12:00 AM
packetstorm

7.4AI Score

2024-06-17 12:00 AM
26
nessus
nessus

Ubuntu 23.10 / 24.04 LTS : Rack vulnerabilities (USN-6837-1)

The remote Ubuntu 23.10 / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6837-1 advisory. It was discovered that Rack incorrectly handled Multipart MIME parsing. A remote attacker could possibly use this issue to cause Rack to...

7.5CVSS

7.7AI Score

0.001EPSS

2024-06-17 12:00 AM
nessus
nessus

RHEL 9 : firefox (RHSA-2024:3958)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:3958 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades...

7.7AI Score

0.0004EPSS

2024-06-17 12:00 AM
nessus
nessus

RHEL 9 : firefox (RHSA-2024:3955)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3955 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades...

7.7AI Score

0.0004EPSS

2024-06-17 12:00 AM
nessus
nessus

RHEL 8 : flatpak (RHSA-2024:3962)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3962 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fix(es): * flatpak: sandbox escape via...

8.4CVSS

7.4AI Score

0.0004EPSS

2024-06-17 12:00 AM
nessus
nessus

openSUSE 15 Security Update : booth (SUSE-SU-2024:2040-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2024:2040-1 advisory. - CVE-2024-3049: Fixed a vulnerability where a specially crafted hash can lead to invalid HMAC being accepted by Booth server. (bsc#1226032) Tenable has...

7.4CVSS

6.9AI Score

0.001EPSS

2024-06-17 12:00 AM
nessus
nessus

RHEL 7 : linux-firmware (RHSA-2024:3939)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3939 advisory. The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): * hw:...

8.2CVSS

7.4AI Score

0.0005EPSS

2024-06-17 12:00 AM
nessus
nessus

RHEL 8 : firefox (RHSA-2024:3953)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:3953 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades...

8.2AI Score

0.0004EPSS

2024-06-17 12:00 AM
cvelist
cvelist

CVE-2024-36581

A Prototype Pollution issue in abw badger-database 1.2.1 allows an attacker to execute arbitrary code via...

0.0004EPSS

2024-06-17 12:00 AM
cvelist
cvelist

CVE-2024-37621

StrongShop v1.0 was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the component...

0.0004EPSS

2024-06-17 12:00 AM
vulnrichment
vulnrichment

CVE-2024-37623

Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the /kaoqin/tpl_kaoqin_locationchange.html...

6.2AI Score

0.0004EPSS

2024-06-17 12:00 AM
cvelist
cvelist

CVE-2024-37794

Improper input validation in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service (DoS) via a crafted SMT2 input...

0.0004EPSS

2024-06-17 12:00 AM
vulnrichment
vulnrichment

CVE-2024-38469

zhimengzhe iBarn v1.5 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the $search parameter at...

6.2AI Score

0.0004EPSS

2024-06-17 12:00 AM
openvas
openvas

Mageia: Security Advisory (MGASA-2024-0221)

The remote host is missing an update for...

7.1AI Score

0.0004EPSS

2024-06-17 12:00 AM
nessus
nessus

RHEL 8 : firefox (RHSA-2024:3950)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:3950 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades...

7.7AI Score

0.0004EPSS

2024-06-17 12:00 AM
nessus
nessus

RHEL 7 : firefox (RHSA-2024:3951)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:3951 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades...

7.7AI Score

0.0004EPSS

2024-06-17 12:00 AM
cvelist
cvelist

CVE-2023-37057

An issue in JLINK Unionman Technology Co. Ltd Jlink AX1800 v.1.0 allows a remote attacker to execute arbitrary code via the router's authentication...

0.0004EPSS

2024-06-17 12:00 AM
cvelist
cvelist

CVE-2023-37058

Insecure Permissions vulnerability in JLINK Unionman Technology Co. Ltd Jlink AX1800 v.1.0 allows a remote attacker to escalate privileges via a crafted...

0.0004EPSS

2024-06-17 12:00 AM
cvelist
cvelist

CVE-2024-36573

almela obx before v.0.0.4 has a Prototype Pollution issue which allows arbitrary code execution via the obx/build/index.js:656), reduce (@almela/obx/build/index.js:470), Object.set (obx/build/index.js:269)...

0.0004EPSS

2024-06-17 12:00 AM
vulnrichment
vulnrichment

CVE-2024-36574

A Prototype Pollution issue in flatten-json 1.0.1 allows an attacker to execute arbitrary code via module.exports.unflattenJSON...

7.8AI Score

0.0004EPSS

2024-06-17 12:00 AM
cvelist
cvelist

CVE-2024-37624

Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the /chajian/inputChajian.php....

0.0004EPSS

2024-06-17 12:00 AM
cvelist
cvelist

CVE-2024-37828

A stored cross-site scripting (XSS) in Vermeg Agile Reporter v23.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field under the Set Broadcast Message...

0.0004EPSS

2024-06-17 12:00 AM
cvelist
cvelist

CVE-2024-38449

A Directory Traversal vulnerability in KasmVNC 1.3.1.230e50f7b89663316c70de7b0e3db6f6b9340489 and possibly earlier versions allows remote authenticated attackers to browse parent directories and read the content of files outside the scope of the...

0.0004EPSS

2024-06-17 12:00 AM
cvelist
cvelist

CVE-2024-38470

zhimengzhe iBarn v1.5 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the $search parameter at...

0.0004EPSS

2024-06-17 12:00 AM
vulnrichment
vulnrichment

CVE-2024-38470

zhimengzhe iBarn v1.5 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the $search parameter at...

6.2AI Score

0.0004EPSS

2024-06-17 12:00 AM
1
openvas
openvas

Mageia: Security Advisory (MGASA-2024-0219)

The remote host is missing an update for...

7.1AI Score

0.008EPSS

2024-06-17 12:00 AM
openvas
openvas

Mageia: Security Advisory (MGASA-2024-0222)

The remote host is missing an update for...

7.1AI Score

0.0004EPSS

2024-06-17 12:00 AM
openvas
openvas

Mageia: Security Advisory (MGASA-2024-0224)

The remote host is missing an update for...

8.5CVSS

7.1AI Score

0.005EPSS

2024-06-17 12:00 AM
openvas
openvas

Ubuntu: Security Advisory (USN-6821-4)

The remote host is missing an update for...

8CVSS

8AI Score

0.0004EPSS

2024-06-17 12:00 AM
nessus
nessus

RHEL 9 : flatpak (RHSA-2024:3959)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3959 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fix(es): * flatpak: sandbox escape via...

8.4CVSS

8.6AI Score

0.0004EPSS

2024-06-17 12:00 AM
nessus
nessus

RHEL 8 : firefox (RHSA-2024:3954)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:3954 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades...

7.7AI Score

0.0004EPSS

2024-06-17 12:00 AM
nessus
nessus

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : SSSD vulnerability (USN-6836-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6836-1 advisory. It was discovered that SSSD did not always correctly apply the GPO policy for authenticated users, contrary to expectations....

7.1CVSS

6.8AI Score

0.0004EPSS

2024-06-17 12:00 AM
nessus
nessus

Fedora 39 : galera / mariadb (2024-d61bffd77f)

The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-d61bffd77f advisory. MariaDB 10.5.25 & Galera 26.4.18 Release notes: https://mariadb.com/kb/en/mariadb-10-5-25-release-notes/ Tenable has extracted the preceding...

7.4AI Score

2024-06-17 12:00 AM
nessus
nessus

openSUSE 15 Security Update : php8 (SUSE-SU-2024:2038-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2024:2038-1 advisory. - CVE-2024-5458: Fixed an issue that allows to bypass filters in filter_var FILTER_VALIDATE_URL. (bsc#1226073) Tenable has extracted the preceding...

5.3CVSS

6.9AI Score

0.001EPSS

2024-06-17 12:00 AM
Total number of security vulnerabilities2919148