
2496 matches found

RedhatCVE
added 2024/11/06 6:29 a.m., 12 views

CVE-2024-9902

A flaw was found in Ansible. The ansible-core user module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the user module against the unprivileged user's home directory. If the...

CVSS 6.3 | AI score 7 | EPSS 0.00248
Exploits: 0 | References: 3

Tenable Nessus
added 2024/11/06 12:0 a.m., 12 views

RHEL 9 : libtiff (RHSA-2024:8914)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8914 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: NULL pointer...

CVSS 7.5 | AI score 7 | EPSS 0.01516
Exploits: 0 | References: 5

NVD
added 2024/11/04 5:15 a.m., 15 views

CVE-2024-10760

A vulnerability was found in code-projects University Event Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /dodelete.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has bee...

CVSS 7.5 | EPSS 0.00446
Exploits: 1 | References: 5

Vulnrichment
added 2024/11/04 5:0 a.m., 13 views

CVE-2024-10761 Umbraco CMS Dashboard frame cross site scripting

A vulnerability was found in Umbraco CMS up to 10.7.7/12.3.6/13.5.2/14.3.1/15.1.1. It has been classified as problematic. Affected is an unknown function of the file /Umbraco/preview/frame?id of the component Dashboard. The manipulation of the argument culture leads to cross site scripting. It is...

CVSS 6.9 | AI score 4.4 | EPSS 0.00559
Exploits: 1 | References: 5

NVD
added 2024/11/04 3:15 a.m., 17 views

CVE-2024-10756

A vulnerability classified as problematic was found in PHPGurukul Online Shopping Portal 2.0. Affected by this vulnerability is an unknown functionality of the file /admin/assets/plugins/DataTables/media/unittesting/templates/htmltable.php. The manipulation of the argument scripts leads to cross...

CVSS 6.1 | EPSS 0.00393
Exploits: 1 | References: 5

NVD
added 2024/11/04 3:15 a.m., 23 views

CVE-2024-10754

A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/assets/plugins/DataTables/media/unittesting/templates/dymanictable.php. The manipulation of the argument scripts leads to cross site...

CVSS 6.1 | EPSS 0.00393
Exploits: 1 | References: 5

NVD
added 2024/11/04 2:15 a.m., 14 views

CVE-2024-10752

A vulnerability was found in Codezips Pet Shop Management System 1.0. It has been classified as critical. This affects an unknown part of the file /productsadd.php. The manipulation of the argument id/name leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

CVSS 9.8 | EPSS 0.00595
Exploits: 1 | References: 4

Cvelist
added 2024/11/04 1:31 a.m., 19 views

CVE-2024-10752 Codezips Pet Shop Management System productsadd.php sql injection

A vulnerability was found in Codezips Pet Shop Management System 1.0. It has been classified as critical. This affects an unknown part of the file /productsadd.php. The manipulation of the argument id/name leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

CVSS 7.5 | EPSS 0.00595
Exploits: 1 | References: 4

Vulnrichment
added 2024/11/04 1:31 a.m., 14 views

CVE-2024-10752 Codezips Pet Shop Management System productsadd.php sql injection

A vulnerability was found in Codezips Pet Shop Management System 1.0. It has been classified as critical. This affects an unknown part of the file /productsadd.php. The manipulation of the argument id/name leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

CVSS 7.5 | AI score 7.5 | EPSS 0.00595
Exploits: 1 | References: 4

CVE
added 2024/11/03 10:31 p.m., 42 views

CVE-2024-10744

CVE-2024-10744 affects PHPGurukul Online Shopping Portal 2.0, specifically the /admin/assets/plugins/DataTables/media/unit_testing/templates/complex_header_2.php functionality. The issue is a cross-site scripting flaw triggered by manipulating the scripts parameter, enabling remote exploitation. ...

CVSS 6.1 | AI score 4.1 | EPSS 0.00367
Exploits: 1 | References: 5 | Affected Software: 1

NVD
added 2024/11/03 5:15 p.m., 13 views

CVE-2024-10738

A vulnerability classified as critical was found in itsourcecode Farm Management System 1.0. Affected by this vulnerability is an unknown functionality of the file manage-breed.php. The manipulation of the argument breed leads to sql injection. The attack can be launched remotely. The exploit has...

CVSS 9.8 | EPSS 0.00508
Exploits: 1 | References: 5

NVD
added 2024/11/01 4:15 a.m., 24 views

CVE-2024-10616

A vulnerability classified as critical has been found in Tongda OA up to 11.9. This affects an unknown part of the file /pda/workflow/webSignSubmit.php. The manipulation of the argument saleId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed t...

CVSS 9.8 | EPSS 0.00543
Exploits: 1 | References: 4

NVD
added 2024/10/31 10:15 p.m., 12 views

CVE-2024-10599

A vulnerability, which was classified as problematic, has been found in Tongda OA 2017 up to 11.7. This issue affects some unknown processing of the file /inc/package_static_resources.php. The manipulation leads to resource consumption. The attack may be initiated remotely. The exploit has been...

CVSS 7.5 | EPSS 0.00942
Exploits: 1 | References: 4

CVE
added 2024/10/31 9:31 p.m., 62 views

CVE-2024-10599

CVE-2024-10599 affects Tongda OA 2017 up to version 11.7. The vulnerability arises from improper handling of the file /inc/package_static_resources.php, leading to resource consumption that can be triggered remotely. Multiple sources confirm the issue and disclose that an exploit exists. Remediat...

CVSS 7.5 | AI score 5.7 | EPSS 0.00942
Exploits: 1 | References: 4 | Affected Software: 1

Vulnrichment
added 2024/10/31 9:31 p.m., 9 views

CVE-2024-10599 Tongda OA 2017 package_static_resources.php resource consumption

A vulnerability, which was classified as problematic, has been found in Tongda OA 2017 up to 11.7. This issue affects some unknown processing of the file /inc/package_static_resources.php. The manipulation leads to resource consumption. The attack may be initiated remotely. The exploit has been...

CVSS 6.9 | AI score 6.8 | EPSS 0.00942
Exploits: 1 | References: 4

Cvelist
added 2024/10/31 9:31 p.m., 20 views

CVE-2024-10598 Tongda OA Annual Leave data.php improper authorization

A vulnerability classified as critical was found in Tongda OA 11.2/11.3/11.4/11.5/11.6. This vulnerability affects unknown code of the file general/hr/setting/attendance/leave/data.php of the component Annual Leave Handler. The manipulation leads to improper authorization. The attack can be...

CVSS 6.9 | EPSS 0.00517
Exploits: 1 | References: 4

NVD
added 2024/10/31 9:15 p.m., 17 views

CVE-2024-10595

A vulnerability was found in ESAFENET CDG 5. It has been declared as critical. Affected by this vulnerability is the function delFile/delDifferCourseList of the file /com/esafenet/servlet/ajax/PublicDocInfoAjax.java. The manipulation leads to sql injection. The attack can be launched remotely. Th...

CVSS 9.8 | EPSS 0.00551
Exploits: 1 | References: 4

CVE
added 2024/10/31 1:0 a.m., 54 views

CVE-2024-10557

The CVE-2024-10557 entry applies to code-projects Blood Bank Management System 1.0. The vulnerability is a cross-site request forgery impacting an unknown function in /file/updateprofile.php, with remote initiation and public disclosure of the exploit. Root cause is CSRF exposure in the updatepro...

CVSS 6.9 | AI score 4.9 | EPSS 0.0056
Exploits: 1 | References: 5 | Affected Software: 1

NVD
added 2024/10/30 2:15 a.m., 13 views

CVE-2024-10505

A vulnerability was found in wuzhicms 4.1.0. It has been classified as critical. Affected is the function add/edit of the file www/coreframe/app/content/admin/block.php. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

CVSS 7.2 | EPSS 0.00677
Exploits: 1 | References: 4

CVE
added 2024/10/29 12:49 p.m., 292 views

CVE-2024-7774

CVE-2024-7774 describes a path traversal in langchain-ai/langchainjs v0.2.5. The getFullPath path handling is vulnerable, allowing an attacker to save files anywhere, overwrite text files, read .txt files, and delete files via unsanitized input in getFullPath and related calls (setFileContent, ge...

CVSS 9.1 | AI score 6.8 | EPSS 0.00545
Exploits: 1 | References: 2 | Affected Software: 1