Show filters
312,289 Total Results
Displaying 21-30 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Unknown

CVE-2024-38467

Disclosure Date: June 16, 2024 (last updated June 17, 2024)
Shenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user information retrieval via the queryUser API.
0
Attacker Value
Unknown

CVE-2024-38466

Disclosure Date: June 16, 2024 (last updated June 17, 2024)
Shenzhen Guoxin Synthesis image system before 8.3.0 has a 123456Qw default password.
0
Attacker Value
Unknown

CVE-2024-38465

Disclosure Date: June 16, 2024 (last updated June 17, 2024)
Shenzhen Guoxin Synthesis image system before 8.3.0 allows username enumeration because of the response discrepancy of incorrect versus error.
0
Attacker Value
Unknown

CVE-2024-38462

Disclosure Date: June 16, 2024 (last updated June 17, 2024)
iRODS before 4.3.2 provides an msiSendMail function with a problematic dependency on the mail binary, such as in the mailMS.cpp#L94-L106 reference.
0
Attacker Value
Unknown

CVE-2024-38461

Disclosure Date: June 16, 2024 (last updated June 17, 2024)
irodsServerMonPerf in iRODS before 4.3.2 attempts to proceed with use of a path even if it is not a directory.
0
Attacker Value
Unknown

CVE-2024-38460

Disclosure Date: June 16, 2024 (last updated June 17, 2024)
In SonarQube before 10.4 and 9.9.4 LTA, encrypted values generated using the Settings Encryption feature are potentially exposed in cleartext as part of the URL parameters in the logs (such as SonarQube Access Logs, Proxy Logs, etc).
0
Attacker Value
Unknown

CVE-2024-38459

Disclosure Date: June 16, 2024 (last updated June 17, 2024)
langchain_experimental (aka LangChain Experimental) before 0.0.61 for LangChain provides Python REPL access without an opt-in step. NOTE; this issue exists because of an incomplete fix for CVE-2024-27444.
0
Attacker Value
Unknown

CVE-2024-38458

Disclosure Date: June 16, 2024 (last updated June 17, 2024)
Xenforo before 2.2.16 allows code injection.
0
Attacker Value
Unknown

CVE-2024-38457

Disclosure Date: June 16, 2024 (last updated June 17, 2024)
Xenforo before 2.2.16 allows CSRF.
0
Attacker Value
Unknown

CVE-2024-38454

Disclosure Date: June 16, 2024 (last updated June 17, 2024)
ExpressionEngine before 7.4.11 allows XSS.
0