Critical - CVE-2024-9921 - The Team+ from TEAMPLUS TECHNOLOGY does not...
The Team+ from TEAMPLUS TECHNOLOGY does not properly validate specific page parameter, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify and delete database...
High - CVE-2024-9922 - The Team+ from TEAMPLUS TECHNOLOGY does not...
The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files.
NA - CVE-2024-49214 - QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x...
QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality.
Medium - CVE-2024-9923 - The Team+ from TEAMPLUS TECHNOLOGY does not...
The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing remote attackers with administrator privileges to move arbitrary system files to the website root...
Critical - CVE-2024-9924 - The fix for CVE-2024-26261 was incomplete, and...
The fix for CVE-2024-26261 was incomplete, and and the specific package for OAKlouds from Hgiga remains at risk. Unauthenticated remote attackers still can download arbitrary system files, which...
NA - CVE-2024-46911 - Cross-site Resource Forgery (CSRF), Privilege...
Cross-site Resource Forgery (CSRF), Privilege escalation vulnerability in Apache Roller. On multi-blog/user Roller websites, by default weblog owners are trusted to publish arbitrary weblog content...