Latest CVE Feed
- CVE-2024-44572 (CVSS 3.1: 8.8)
  RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the sys_mgmt function....
  Affected Products:
  Published: Sep. 11, 2024
  Modified: Sep. 11, 2024
- CVE-2024-44571 (CVSS 3.1: 8.8)
  RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain incorrect access control in the mService function at phpinf.php....
  Affected Products:
  Published: Sep. 11, 2024
  Modified: Sep. 11, 2024
- CVE-2024-44570 (CVSS 3.1: 8.8)
  RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a code injection vulnerability via the getParams function in phpinf.php....
  Affected Products:
  Published: Sep. 11, 2024
  Modified: Sep. 11, 2024
- CVE-2024-44541 (CVSS 3.1: 9.8)
  evilnapsis Inventio Lite Versions v4 and before is vulnerable to SQL Injection via the "username" parameter in "/?action=processlogin."...
  Affected Products:
  Published: Sep. 11, 2024
  Modified: Sep. 11, 2024
- CVE-2024-40652 (CVSS 3.1: 7.3)
  In onCreate of SettingsHomepageActivity.java, there is a possible way to access the Settings app while the device is provisioning due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges n...
  Affected Products: android
  Published: Sep. 11, 2024
  Modified: Sep. 11, 2024
- CVE-2024-8694 (CVSS 3.1: 3.8)
  A vulnerability, which was classified as problematic, was found in JFinalCMS up to 20240903. This affects the function update of the file /admin/template/update of the component com.cms.controller.admin.TemplateController. The manipulation of the argument...
  Affected Products:
  Published: Sep. 11, 2024
  Modified: Sep. 11, 2024
- CVE-2024-45409 (CVSS 3.1: 10.0)
  The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in <= 12.2 and 1.13.0 <= 1.16.0 does not properly verify the signature of the SAML Response. An unauthenticated attacker with access to any signed saml document (...
  Affected Products:
  Published: Sep. 10, 2024
  Modified: Sep. 11, 2024
- CVE-2024-44577 (CVSS 3.1: 8.8)
  RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the time_date function....
  Affected Products:
  Published: Sep. 11, 2024
  Modified: Sep. 11, 2024
- CVE-2024-44574 (CVSS 3.1: 8.8)
  RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the sys_conf function....
  Affected Products:
  Published: Sep. 11, 2024
  Modified: Sep. 11, 2024
- CVE-2024-8693 (CVSS 3.1: 2.4)
  A vulnerability, which was classified as problematic, has been found in Kaon CG3000 1.01.43. Affected by this issue is some unknown functionality of the component dhcpcd Command Handler. The manipulation of the argument -h with the input <script>alert('XS...
  Affected Products:
  Published: Sep. 11, 2024
  Modified: Sep. 11, 2024
- CVE-2024-7312 (NONE: 0.0)
  URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payara Platform Payara Server (REST Management Interface modules) allows Session Hijacking. This issue affects Payara Server: from 6.0.0 before 6.18.0, from 6.2022.1 before 6.2024.9, from...
  Affected Products:
  Published: Sep. 11, 2024
  Modified: Sep. 11, 2024
- CVE-2024-8692 (CVSS 3.1: 5.3)
  A vulnerability classified as critical was found in TDuckCloud TDuckPro up to 6.3. Affected by this vulnerability is an unknown functionality. The manipulation leads to weak password recovery. The attack can be launched remotely. The exploit has been disc...
  Affected Products:
  Published: Sep. 11, 2024
  Modified: Sep. 11, 2024
- CVE-2024-42760 (NONE: 0.0)
  SQL Injection vulnerability in Ellevo v.6.2.0.38160 allows a remote attacker to obtain sensitive information via the /api/mob/instrucao/conta/destinatarios component....
  Affected Products:
  Published: Sep. 11, 2024
  Modified: Sep. 11, 2024
- CVE-2024-5760 (CVSS 3.1: 8.4)
  The Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of privilege allowing the creation of a reverse shell in the tool. This is only applicable for products in the application released or manufactured before 2018....
  Affected Products:
  Published: Sep. 11, 2024
  Modified: Sep. 11, 2024
- CVE-2024-44851 (CVSS 3.1: 5.4)
  A stored cross-site scripting (XSS) vulnerability in the Discussion section of Perfex CRM v1.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content parameter....
  Affected Products:
  Published: Sep. 11, 2024
  Modified: Sep. 11, 2024
- CVE-2024-44466 (CVSS 3.1: 9.8)
  COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter iface....
  Affected Products:
  Published: Sep. 11, 2024
  Modified: Sep. 11, 2024
- CVE-2024-8691 (NONE: 0.0)
  A vulnerability in the GlobalProtect portal in Palo Alto Networks PAN-OS software enables a malicious authenticated GlobalProtect user to impersonate another GlobalProtect user. Active GlobalProtect users impersonated by an attacker who is exploiting this...
  Affected Products:
  Published: Sep. 11, 2024
  Modified: Sep. 11, 2024
- CVE-2024-8690 (NONE: 0.0)
  A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then t...
  Affected Products:
  Published: Sep. 11, 2024
  Modified: Sep. 11, 2024
- CVE-2024-8689 (NONE: 0.0)
  A problem with the ActiveMQ integration for both Cortex XSOAR and Cortex XSIAM can result in the cleartext exposure of the configured ActiveMQ credentials in log bundles....
  Affected Products:
  Published: Sep. 11, 2024
  Modified: Sep. 11, 2024
- CVE-2024-8688 (NONE: 0.0)
  An improper neutralization of matching symbols vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables authenticated administrators (including read-only administrators) with access to the CLI to read arbitrary files on the f...
  Affected Products:
  Published: Sep. 11, 2024
  Modified: Sep. 11, 2024