CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5315 matches found

NVD•added 2024/07/15 3:15 a.m.•22 views

CVE-2024-39729

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow an authenticated user to obtain sensitive information from source code that could be used in further attacks against the system. IBM X-Force ID: 295968...

4.3CVSS0.0008EPSS

Exploits0References2

OSV•added 2024/07/15 3:15 a.m.•1 views

CVE-2024-39729

4.3CVSS5.8AI score

Exploits0References2

CVE•added 2024/07/15 2:7 a.m.•53 views

CVE-2024-39729

Summary (CVE-2024-39729): IBM Datacap Navigator 9.1.5–9.1.9 is affected by an information-disclosure vulnerability enabling an authenticated user to read sensitive data from the source code. Affected products/versions: Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, 9.1.9. Red Hat and other sources...

4.3CVSS4.2AI score0.0008EPSS

Exploits0References2Affected Software2

Vulnrichment•added 2024/07/15 2:7 a.m.•13 views

CVE-2024-39729 IBM Datacap Navigator information disclosure

4.3CVSS5.9AI score0.0008EPSS

Exploits0References2

CNNVD•added 2024/07/15 12:0 a.m.•1 views

IBM Datacap Navigator 安全漏洞

IBM Datacap Navigator is a Web client for Datacap from International Business Machines IBM. A security vulnerability exists in IBM Datacap Navigator, which can be exploited by attackers to obtain sensitive information from the source code...

4.3CVSS6.2AI score0.0008EPSS

Exploits0References3

Positive Technologies•added 2024/07/12 12:0 a.m.•2 views

PT-2024-5095 · Ibm · Ibm Datacap Navigator

Name of the Vulnerable Software and Affected Versions: IBM Datacap Navigator versions 9.1.5 through 9.1.9 Description: The issue is related to insufficient protection of service data in the source code, allowing an authenticated user to obtain sensitive information that could be used in further...

4.3CVSS6.5AI score0.0008EPSS

Exploits0References8

GithubExploit•added 2024/07/10 5:39 a.m.•343 views

Exploit for OS Command Injection in Dolibarr Dolibarr_Erp\/Crm

DolibabyPhp An authenticated RCE exploit for Dolibarr ERP/CRM...

8.8CVSS8.8AI score0.89175EPSS

Exploits16

OSV•added 2024/07/09 7:16 a.m.•26 views

BIT-APACHE-2024-39884 Apache HTTP Server: source code disclosure with handlers configured via AddType

A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example,...

6.2CVSS6.6AI score0.00246EPSS

Exploits0References5

Positive Technologies•added 2024/07/09 12:0 a.m.•5 views

PT-2024-5185 · Apache +6 · Apache Http Server +6

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.61 Description: The issue is related to the core of Apache HTTP Server, where a partial fix ignores some use of the legacy content-type based configuration of handlers. This can result in source code disclosure...

9.1CVSS5.7AI score0.25097EPSS

Exploits5References83

Cvelist•added 2024/07/09 12:0 a.m.•16 views

CVE-2024-37871

SQL injection vulnerability in login.php in Itsourcecode Online Discussion Forum Project in PHP with Source Code 1.0 allows remote attackers to execute arbitrary SQL commands via the email parameter...

0.00095EPSS

Exploits1References1

Ubuntu•added 2024/07/08 5:56 p.m.•399 views

USN-6885-1: Apache HTTP Server vulnerabilities

Marc Stern discovered that the Apache HTTP Server incorrectly handled serving WebSocket protocol upgrades over HTTP/2 connections. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. CVE-2024-36387 Orange Tsai discovered that the Apache...

9.8CVSS7.6AI score0.93858EPSS

Exploits2

The Hacker News•added 2024/07/08 6:55 a.m.•61 views

Critical Unpatched Flaws Disclosed in Popular Gogs Open-Source Git Service

Four unpatched security flaws, including three critical ones, have been disclosed in the Gogs open-source, self-hosted Git service that could enable an authenticated attacker to breach susceptible instances, steal or wipe source code, and even plant backdoors. The vulnerabilities, according to...

9.9CVSS8AI score0.11879EPSS

Exploits5

Tenable Nessus•added 2024/07/05 12:0 a.m.•33 views

FreeBSD : Apache httpd -- source code disclosure (5d921a8c-3a43-11ef-b611-84a93843eb75)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 5d921a8c-3a43-11ef-b611-84a93843eb75 advisory. The Apache httpd project reports: isource code disclosure with handlers configured via AddType...

6.2CVSS7.1AI score0.00246EPSS

Exploits0References3

Tenable Nessus•added 2024/07/05 12:0 a.m.•13 views

Apache 2.4.60 Source Code Disclosure

According to its banner, the version of Apache running on the remote host is 2.4.60. It is, therefore, affected by a source code disclosure with handlers configured via AddType. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported...

6.2CVSS7.5AI score0.00246EPSS

Exploits0References3

RedhatCVE•added 2024/07/04 11:6 a.m.•180 views

CVE-2024-39884

A flaw was found in httpd. The fix for CVE-2024-38476 ignores some uses of the legacy content-type based configuration of handlers. "AddType" and similar configurations, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example,...

7.5CVSS8.9AI score0.04673EPSS

Exploits0References4

NVD•added 2024/07/04 9:15 a.m.•36 views

CVE-2024-39884

6.2CVSS0.00246EPSS

Exploits0References4

OSV•added 2024/07/04 9:15 a.m.•1 views

AZL-43170 CVE-2024-39884 affecting package httpd for versions less than 2.4.61-1

6.2CVSS5.7AI score0.00246EPSS

Exploits0References1

OSV•added 2024/07/04 9:15 a.m.•25 views

CVE-2024-39884