408 matches found
CVE-2024-11065
creationtimestamp | type | source
---|---|---
2024-11-11 07:51:16+00:00 | seen | https://infosec.exchange/users/cve/statuses/113463228862169507
2024-11-11 10:15:03+00:00 | seen | https://t.me/cvedetector/10483
2024-11-13 12:21:24+00:00 | seen | https://t.me/truesecator/6423...
PT-2024-34744 · Unknown · Simple Job Manager
Name of the Vulnerable Software and Affected Versions: Simple Job Manager versions n/a through 1.1 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations:...
PT-2024-16507 · Unknown · Phpgurukul Online Shopping Portal
Name of the Vulnerable Software and Affected Versions: PHPGurukul Online Shopping Portal version 2.0 Description: A vulnerability was found in the PHPGurukul Online Shopping Portal, allowing for cross-site scripting (XSS) attacks. The issue is related to an unknown function in the file...
PT-2024-33077 · Unknown · Jeecg-Boot
Name of the Vulnerable Software and Affected Versions: JeecgBoot version 3.7.1 Description: A SQL injection vulnerability was discovered in JeecgBoot via the component /onlDragDatasetHead/getTotalData. This issue allows for potential SQL injection attacks. The estimated number of potentially...
PT-2024-10800 · Unknown · Validate.Js
Name of the Vulnerable Software and Affected Versions: Validate.js versions prior to the version released after 30 November 2020 Description: The issue concerns Regular Expression Denial of Service (ReDoS) due to vulnerable regular expressions in Validate.js. As of the time of publication, it is...
GHSA-CHJ2-4VG7-HHG3 Liferay Portal and Liferay DXP Vulnerable to CSRF in the Script Console
The Script Console in Liferay Portal 7.0.0 through 7.4.3.101, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, 7.2 GA through fix pack 20, 7.1 GA through fix pack 28, 7.0 GA through fix pack 102 and 6.2 GA through fix pack 173 does not sufficiently...
PT-2024-33357 · Unknown · Cookie Scanner
Name of the Vulnerable Software and Affected Versions: Cookie Scanner versions 1.1 and earlier Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability that also allows Stored XSS in Cookie Scanner. This means an attacker can perform unintended actions on a user's account without...
PT-2024-9364 · Pdfl Sdk · Pdfl Sdk
Name of the Vulnerable Software and Affected Versions: PDFL SDK versions 21.0.0.5 and earlier Description: The issue is related to an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user...
PT-2024-8852 · Microsoft · Azure Stack Hci
The Azure Stack HCI system is affected by an Elevation of Privilege issue, allowing users to gain higher access privileges without permission. This issue potentially puts the system at risk. Exploit information is available, and details can be found at provided links, such as...
PT-2024-39030 · Unknown · Phpgurukul Job Portal
Name of the Vulnerable Software and Affected Versions: PHPGurukul Job Portal version 1.0 Description: The issue is a file upload restriction bypass vulnerability, which could allow an authenticated user to achieve Remote Code Execution (RCE) via a webshell. Recommendations: For PHPGurukul Job Porta...
PT-2024-6313 · Veeam · Veeam One
Name of the Vulnerable Software and Affected Versions: Veeam ONE version ≤ 12.1.0.3208 Description: A cross-site scripting (XSS) vulnerability exists in the Reporter Widgets, allowing HTML injection. This vulnerability can be exploited by a remote attacker to execute arbitrary HTML code...
PT-2024-13078 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: A report contains an incorrect reference to a vulnerability identifier and links to a different product. The issue is related to a mistake in...
PT-2024-29474 · Unknown · Neuq Board
Name of the Vulnerable Software and Affected Versions: NEUQ board version 1.0 Description: A Buffer Overflow issue in the password.h component allows a remote attacker to cause a denial of service. Recommendations: For NEUQ board version 1.0, consider restricting access to the password.h componen...
PT-2024-28196 · Unknown · Directorypress
Name of the Vulnerable Software and Affected Versions: DirectoryPress versions 3.6.10 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations:...
PT-2024-5723 · Fujitsu · Fujitsu Network Edgiot Gw1500
Name of the Vulnerable Software and Affected Versions: FUJITSU Network Edgiot GW1500 M2M-GW for FENICS versions not specified Description: The issue is related to a path traversal vulnerability, which may allow a remote attacker with User Class privilege to access restricted files containing...
PT-2024-28329 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery (CSRF) issue was discovered in idccms. The vulnerability can be exploited via the "/admin/idcProData deal.php" endpoint, specifically when the mudi parameter is set to "del". This...
PT-2024-32236
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the drm/amdgpu driver. The issue was caused by a potential NULL pointer dereference in the adev->gfx.imu.funcs variable...
PT-2024-21680 · Toshiba · Toshiba Printers
Name of the Vulnerable Software and Affected Versions: Toshiba printers affected versions not specified Description: The issue concerns a Local Privilege Escalation vulnerability, allowing an attacker to remotely compromise Toshiba printers. Recommendations: At the moment, there is no information...
PT-2024-4671 · NetGear · Netgear Wnr614
Name of the Vulnerable Software and Affected Versions: Netgear WNR614 version JNR1010V2/N300-V1.1.0.54 1.0.1 Description: The issue is related to insecure permissions in the Netgear WNR614 router's firmware, which can allow attackers to access URLs and directories embedded within the firmware via...
PT-2024-3584 · Microsoft · Windows Routing/Remote Access Service +1
Name of the Vulnerable Software and Affected Versions: Windows Routing and Remote Access Service (RRAS), affected versions not specified Description: The issue is related to errors in numerical truncation in the Windows RRAS service, allowing remote attackers to execute arbitrary code and affect the...