NA - CVE-2024-37300 - OAuthenticator is software that allows OAuth2...
OAuthenticator is software that allows OAuth2 identity providers to be plugged in and used with JupyterHub. JupyterHub < 5.0, when used with `GlobusOAuthenticator`, could be configured to allow all...
NA - CVE-2024-5759 - An improper privilege management vulnerability...
An improper privilege management vulnerability exists in Tenable Security Center where an authenticated, remote attacker could view unauthorized objects and launch scans without having the required...
NA - CVE-2024-5896 - A vulnerability, which was classified as...
A vulnerability, which was classified as critical, was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. Affected is the function save_users of the file...
NA - CVE-2024-5897 - A vulnerability has been found in...
A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the...
NA - CVE-2024-22855 - A cross-site scripting (XSS) vulnerability in...
A cross-site scripting (XSS) vulnerability in the User Maintenance section of ITSS iMLog v1.307 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the...
NA - CVE-2024-37036 - CWE-787: Out-of-bounds Write vulnerability...
CWE-787: Out-of-bounds Write vulnerability exists that could result in an authentication bypass when sending a malformed POST request and particular configuration parameters are set.
NA - CVE-2024-37037 - CWE-22: Improper Limitation of a Pathname to a...
CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability exists that could allow an authenticated user with access to the device’s web interface to...
NA - CVE-2024-37038 - CWE-276: Incorrect Default Permissions...
CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated user with access to the device’s web interface to perform unauthorized file and firmware uploads when...
NA - CVE-2024-37039 - CWE-252: Unchecked Return Value vulnerability...
CWE-252: Unchecked Return Value vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request.