Latest CVE Feed
-
5.4
MEDIUMCVE-2024-8610
A vulnerability classified as problematic has been found in SourceCodester Best House Rental Management System 1.0. Affected is an unknown function of the file /index.php?page=tenants of the component New Tenant Page. The manipulation of the argument Last... Read more
Affected Products : best_house_rental_management_system- Published: Sep. 09, 2024
- Modified: Sep. 17, 2024
-
9.8
CRITICALCVE-2024-45695
The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.... Read more
- Published: Sep. 16, 2024
- Modified: Sep. 17, 2024
-
9.8
CRITICALCVE-2024-45694
The web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.... Read more
- Published: Sep. 16, 2024
- Modified: Sep. 17, 2024
-
6.5
MEDIUMCVE-2024-43251
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Bit Apps Bit Form Pro.This issue affects Bit Form Pro: from n/a through 2.6.4.... Read more
Affected Products : bit_form- Published: Aug. 26, 2024
- Modified: Sep. 17, 2024
-
7.1
HIGHCVE-2024-43255
Cross-Site Request Forgery (CSRF) vulnerability in Stormhill Media MyBookTable Bookstore allows Cross-Site Scripting (XSS).This issue affects MyBookTable Bookstore: from n/a through 3.3.9.... Read more
Affected Products : mybook_table_bookstore- Published: Aug. 26, 2024
- Modified: Sep. 17, 2024
-
9.6
CRITICALCVE-2024-40643
Joplin is a free, open source note taking and to-do application. Joplin fails to take into account that "<" followed by a non letter character will not be considered html. As such it is possible to do an XSS by putting an "illegal" tag within a tag.... Read more
Affected Products : joplin- Published: Sep. 09, 2024
- Modified: Sep. 17, 2024
-
8.7
HIGHCVE-2024-8601
This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to improper access controls on certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating a parameter through API request... Read more
Affected Products : back_office_software- Published: Sep. 09, 2024
- Modified: Sep. 17, 2024
-
7.1
HIGHCVE-2024-38188
Azure Network Watcher VM Agent Elevation of Privilege Vulnerability... Read more
Affected Products : azure_network_watcher_agent azure_network_watcher azure_network_watcher_agent_for_windows- Published: Sep. 10, 2024
- Modified: Sep. 17, 2024
-
7.3
HIGHCVE-2024-43470
Azure Network Watcher VM Agent Elevation of Privilege Vulnerability... Read more
Affected Products : azure_network_watcher_agent azure_network_watcher azure_network_watcher_agent_for_windows- Published: Sep. 10, 2024
- Modified: Sep. 17, 2024
-
3.1
LOWCVE-2024-8042
Rapid7 Insight Platform versions between November 2019 and August 14, 2024 suffer from missing authorization issues whereby an attacker can intercept local requests to set the name and description of a new user group. This could potentially lead to an emp... Read more
Affected Products : insight_platform- Published: Sep. 09, 2024
- Modified: Sep. 17, 2024
-
7.5
HIGHCVE-2024-38119
Windows Network Address Translation (NAT) Remote Code Execution Vulnerability... Read more
Affected Products : windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_21h2 windows_11_22h2 windows_10_1507 +6 more products- Published: Sep. 10, 2024
- Modified: Sep. 17, 2024
-
9.9
CRITICALCVE-2024-38194
An authenticated attacker can exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network.... Read more
Affected Products : azure_web_apps- Published: Sep. 10, 2024
- Modified: Sep. 17, 2024
-
9.0
CRITICALCVE-2024-38216
Azure Stack Hub Elevation of Privilege Vulnerability... Read more
Affected Products : azure_stack_hub- Published: Sep. 10, 2024
- Modified: Sep. 17, 2024
-
9.0
CRITICALCVE-2024-38220
Azure Stack Hub Elevation of Privilege Vulnerability... Read more
Affected Products : azure_stack_hub- Published: Sep. 10, 2024
- Modified: Sep. 17, 2024
-
9.8
CRITICALCVE-2024-38225
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability... Read more
Affected Products : dynamics_365_business_central- Published: Sep. 10, 2024
- Modified: Sep. 17, 2024
-
7.2
HIGHCVE-2024-38228
Microsoft SharePoint Server Remote Code Execution Vulnerability... Read more
Affected Products : sharepoint_server- Published: Sep. 10, 2024
- Modified: Sep. 17, 2024
-
7.2
HIGHCVE-2024-38227
Microsoft SharePoint Server Remote Code Execution Vulnerability... Read more
Affected Products : sharepoint_server- Published: Sep. 10, 2024
- Modified: Sep. 17, 2024
-
7.5
HIGHCVE-2024-38230
Windows Standards-Based Storage Management Service Denial of Service Vulnerability... Read more
- Published: Sep. 10, 2024
- Modified: Sep. 17, 2024
-
7.2
HIGHCVE-2023-34979
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability ... Read more
- Published: Sep. 06, 2024
- Modified: Sep. 17, 2024
-
7.5
HIGHCVE-2024-38231
Windows Remote Desktop Licensing Service Denial of Service Vulnerability... Read more
- Published: Sep. 10, 2024
- Modified: Sep. 17, 2024