CVE Alert: CVE-2024-46278
Vulnerability Summary: CVE-2024-46278 Teedy 1.11 is vulnerable to Cross Site Scripting (XSS) via the management console. Affected Endpoints: No affected...
Vulnerability Summary: CVE-2024-46278 Teedy 1.11 is vulnerable to Cross Site Scripting (XSS) via the management console. Affected Endpoints: No affected...
Vulnerability Summary: CVE-2024-46300 itsourcecode Placement Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the Full Name field...
Vulnerability Summary: CVE-2024-45932 Krayin CRM v1.3.0 is vulnerable to Cross Site Scripting (XSS) via the organization name field in /admin/contacts/organizations/edit/2....
Vulnerability Summary: CVE-2024-46041 IoT Haat Smart Plug IH-IN-16A-S v5.16.1 is vulnerable to Authentication Bypass by Capture-replay. Affected Endpoints: No affected...
Vulnerability Summary: CVE-2024-46446 Mecha CMS 3.0.0 is vulnerable to Directory Traversal. An attacker can construct cookies and URIs that bypass...
Vulnerability Summary: CVE-2024-42831 A reflected cross-site scripting (XSS) vulnerability in Elaine's Realtime CRM Automation v6.18.17 allows attackers to execute arbitrary...
Vulnerability Summary: CVE-2024-47555 Missing Authentication - User & System Configuration Affected Endpoints: No affected endpoints listed. Published Date: 10/7/2024, 6:15:04...
Vulnerability Summary: CVE-2024-44674 D-Link COVR-2600R FW101b05 is vulnerable to Buffer Overflow. In the function sub_24E28, the HTTP_REFERER is obtained through...
Vulnerability Summary: CVE-2024-46076 RuoYi v4.7.9 and before has a security flaw that allows escaping from comments within the code generation...
Vulnerability Summary: CVE-2024-27458 A potential security vulnerability has been identified in the HP Hotkey Support software, which might allow local...
Vulnerability Summary: CVE-2024-47558 Authenticated RCE via Path Traversal Affected Endpoints: No affected endpoints listed. Published Date: 10/7/2024, 7:15:10 PM 🔥...
Vulnerability Summary: CVE-2024-47557 Pre-Auth RCE via Path Traversal Affected Endpoints: No affected endpoints listed. Published Date: 10/7/2024, 7:15:10 PM 🔥...
Vulnerability Summary: CVE-2024-47975 Improper access control validation in firmware of some Solidigm DC Products may allow an attacker with physical...
Vulnerability Summary: CVE-2024-47559 Authenticated RCE via Path Traversal Affected Endpoints: No affected endpoints listed. Published Date: 10/7/2024, 7:15:10 PM 🔥...
Vulnerability Summary: CVE-2024-44068 An issue was discovered in the m2m scaler driver in Samsung Mobile Processor and Wearable Processor Exynos...
Vulnerability Summary: CVE-2024-31228 Redis is an open source, in-memory database that persists on disk. Authenticated users can trigger a denial-of-service...
Vulnerability Summary: CVE-2024-31449 Redis is an open source, in-memory database that persists on disk. An authenticated user may use a...
Vulnerability Summary: CVE-2024-47556 Pre-Auth RCE via Path Traversal Affected Endpoints: No affected endpoints listed. Published Date: 10/7/2024, 7:15:10 PM 🔥...
Vulnerability Summary: CVE-2024-45292 PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. `\PhpOffice\PhpSpreadsheet\Writer\Html` does not sanitize "javascript:"...
Vulnerability Summary: CVE-2024-31227 Redis is an open source, in-memory database that persists on disk. An authenticated with sufficient privileges may...
Vulnerability Summary: CVE-2024-47079 Meshtastic is an open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices. Meshtastic...
Vulnerability Summary: CVE-2024-45293 PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. The security scanner responsible for...
Vulnerability Summary: CVE-2024-47972 Improper resource management in firmware of some Solidigm DC Products may allow an attacker to potentially control...
Vulnerability Summary: CVE-2024-47971 Improper error handling in firmware of some SSD DC Products may allow an attacker to enable denial...