For providers | HunCERT group

27 Dec 2024

Riasztás

NA - CVE-2024-50945 - An improper access control vulnerability exists...

An improper access control vulnerability exists in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f, allowing users to submit reviews without verifying if they have purchased the...

security-database.com

27 Dec 2024

Riasztás

NA - CVE-2024-53476 - A race condition vulnerability in SimplCommerce...

A race condition vulnerability in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f allows attackers to bypass inventory restrictions by simultaneously submitting purchase requests...

security-database.com

27 Dec 2024

Riasztás

NA - CVE-2024-12991 - A vulnerability was found in Beijing Longda...

A vulnerability was found in Beijing Longda Jushang Technology DBShop???? 3.3 Release 231225. It has been declared as problematic. This vulnerability affects unknown code of the file /home-order....

security-database.com

27 Dec 2024

Riasztás

NA - CVE-2024-39025 - Incorrect access control in the /users endpoint...

Incorrect access control in the /users endpoint of Cpacker MemGPT v0.3.17 allows attackers to access sensitive data.

security-database.com

27 Dec 2024

Riasztás

NA - CVE-2024-54450 - An issue was discovered in Kurmi Provisioning...

An issue was discovered in Kurmi Provisioning Suite 7.9.0.33. If an X-Forwarded-For header is received during authentication, the Kurmi application will record the (possibly forged) IP address...

security-database.com

27 Dec 2024

Riasztás

NA - CVE-2024-54451 - A cross-site scripting (XSS) vulnerability in...

A cross-site scripting (XSS) vulnerability in the graphicCustomization.do page in Kurmi Provisioning Suite before 7.9.0.38, 7.10.x through 7.10.0.18, and 7.11.x through 7.11.0.15 allows remote...

security-database.com

27 Dec 2024

Riasztás

NA - CVE-2024-54452 - An issue was discovered in Kurmi Provisioning...

An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35 and 7.10.x through 7.10.0.18. A Directory Traversal and Local File Inclusion vulnerability in the logsSys.do page allows remote...

security-database.com

27 Dec 2024

Riasztás

NA - CVE-2024-54453 - An issue was discovered in Kurmi Provisioning...

An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35, 7.10.x through 7.10.0.18, and 7.11.x through 7.11.0.15. A path traversal vulnerability in the DocServlet servlet allows remote...

security-database.com

27 Dec 2024

Riasztás

NA - CVE-2024-54454 - An issue was discovered in Kurmi Provisioning...

An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35, 7.10.x through 7.10.0.18, and 7.11.x through 7.11.0.15. An Observable Response Discrepancy vulnerability in the...

security-database.com

27 Dec 2024

Riasztás

NA - CVE-2024-56732 - HarfBuzz is a text shaping engine. Starting...

HarfBuzz is a text shaping engine. Starting with 8.5.0 through 10.0.1, there is a heap-based buffer overflow in the hb_cairo_glyphs_from_buffer function.

security-database.com

Phone:	+36 1 279 6222 9am to 4pm
E-mail:	@email
Address:	H-1111 Budapest, Kende u. 13-17.