Show filters
328,419 Total Results
Displaying 1,951-1,960 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Unknown
CVE-2024-9166
Disclosure Date: September 26, 2024 (last updated September 27, 2024)
The device enables an unauthorized attacker to execute system commands with elevated privileges. This exploit is facilitated through the use of the 'getcommand' query within the application, allowing the attacker to gain root access.
0
Attacker Value
Unknown
CVE-2024-46627
Disclosure Date: September 26, 2024 (last updated September 27, 2024)
Incorrect access control in BECN DATAGERRY v2.2 allows attackers to execute arbitrary commands via crafted web requests.
0
Attacker Value
Unknown
CVE-2024-45982
Disclosure Date: September 26, 2024 (last updated September 27, 2024)
A host header injection vulnerability in scheduleR v0.0.18 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This allows attackers to arbitrarily reset other users' passwords and compromise their accounts.
0
Attacker Value
Unknown
CVE-2024-45981
Disclosure Date: September 26, 2024 (last updated September 27, 2024)
A host header injection vulnerability in BookReviewLibrary 1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link.
0
Attacker Value
Unknown
CVE-2024-45980
Disclosure Date: September 26, 2024 (last updated September 27, 2024)
A host header injection vulnerability in MEANStore 1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This allows attackers to arbitrarily reset other users' passwords and compromise their accounts.
0
Attacker Value
Unknown
CVE-2024-45979
Disclosure Date: September 26, 2024 (last updated September 27, 2024)
A host header injection vulnerability in Lines Police CAD 1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This allows attackers to arbitrarily reset other users' passwords and compromise their accounts.
0
Attacker Value
Unknown
CVE-2024-44860
Disclosure Date: September 26, 2024 (last updated September 27, 2024)
An information disclosure vulnerability in the /Letter/PrintQr/ endpoint of Solvait v24.4.2 allows attackers to access sensitive data via a crafted request.
0
Attacker Value
Unknown
CVE-2024-37125
Disclosure Date: September 26, 2024 (last updated September 27, 2024)
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x,10.5.3.x, contains an Uncontrolled Resource Consumption vulnerability. A remote unauthenticated host could potentially exploit this vulnerability leading to a denial of service.
0
Attacker Value
Unknown
CVE-2024-8771
Disclosure Date: September 26, 2024 (last updated September 27, 2024)
The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'preview_email_template_design' function in all versions up to, and including, 5.7.34. This makes it possible for authenticated attackers, with Subscriber-level access and above, to extract sensitive data including the content of private, password protected, pending, and draft posts and pages.
0
Attacker Value
Unknown
CVE-2024-7259
Disclosure Date: September 26, 2024 (last updated September 27, 2024)
A flaw was found in oVirt. A user with administrator privileges, including users with the ReadOnlyAdmin permission, may be able to use browser developer tools to view Provider passwords in cleartext.
0