Ugrás a tartalomra

Riasztások

2024. Nov. 27.

NA - CVE-2024-53604 - A SQL Injection vulnerability was found in...

A SQL Injection vulnerability was found in /covid-tms/check_availability.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the...
security-database.com
Tovább
2024. Nov. 27.

NA - CVE-2024-53635 - A Reflected Cross Site Scripting (XSS)...

A Reflected Cross Site Scripting (XSS) vulnerability was found in /covid-tms/patient-search-report.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to...
security-database.com
Tovább
2024. Nov. 27.

NA - CVE-2024-11862 - Non constant time cryptographic operation in...

Non constant time cryptographic operation in Devolutions.XTS.NET 2024.11.19 and earlier allows an attacker to render half of the encryption key obsolete via a timing attacks
security-database.com
Tovább
2024. Nov. 27.

NA - CVE-2024-46054 - OpenVidReview 1.0 is vulnerable to Incorrect...

OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible without authentication, allowing any user to upload files.
security-database.com
Tovább
2024. Nov. 27.

NA - CVE-2024-46055 - OpenVidReview 1.0 is vulnerable to Cross Site...

OpenVidReview 1.0 is vulnerable to Cross Site Scripting (XSS) in review names.
security-database.com
Tovább
2024. Nov. 27.

NA - CVE-2024-52951 - Stored Cross-Site Scripting in the Access...

Stored Cross-Site Scripting in the Access Request History in Omada Identity before version 15 update 1 allows an authenticated attacker to execute arbitrary code in the browser of a victim via a...
security-database.com
Tovább
2024. Nov. 27.

NA - CVE-2024-53920 - In elisp-mode.el in GNU Emacs through 30.0.92,...

In elisp-mode.el in GNU Emacs through 30.0.92, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp source code can trigger unsafe Lisp macro...
security-database.com
Tovább
2024. Nov. 27.

NA - CVE-2024-11860 - A vulnerability classified as critical has been...

A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. This affects an unknown part of the file /rental/ajax.php?action=delete_tenant of...
security-database.com
Tovább
2024. Nov. 27.

NA - CVE-2024-21703 - This Medium severity Security Misconfiguration...

This Medium severity Security Misconfiguration vulnerability was introduced in version 8.8.1 of Confluence Data Center and Server for Windows installations. This Security Misconfiguration...
security-database.com
Tovább
2024. Nov. 27.

NA - CVE-2024-31976 - EnGenius EWS356-FIR 1.1.30 and earlier devices...

EnGenius EWS356-FIR 1.1.30 and earlier devices allow a remote attacker to execute arbitrary OS commands via the Controller connectivity parameter.
security-database.com
Tovább
Nyelv