CVE-2024-8259

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Eryaz Information Technologies NatraCar B2B Dealer Management Program allows SQL Injection. This issue affects NatraCar B2B Dealer Management Program: through 09.12.2024. NOTE: The vendor was...

PT-2024-35146 · Docusign · Docusign

Name of the Vulnerable Software and Affected Versions: DocuSign versions through 2024-12-04 Description: The issue is related to a User Interface UI Misrepresentation of Critical Information vulnerability, which allows Content Spoofing. This means that the displayed version of a document does not...

CVE-2024-7837

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Firmanet Software ERP allows SQL Injection. This issue affects ERP: through 22.11.2024. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...

Nebari prints temporary Keycloak root password

Nebari through 2024.4.1 prints the temporary Keycloak root password...

PT-2024-4479 · Westermo · Westermo Edw-100

Name of the Vulnerable Software and Affected Versions: Westermo EDW-100 devices through 2024-05-03 Description: The issue is related to the storage of a password in cleartext in a configuration file. An unauthenticated user can download this configuration file, potentially revealing the username...

CVE-2023-6173

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeoSOFT Software TeoBASE allows SQL Injection. This issue affects TeoBASE: through 27032024. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...