Show filters
1,839 Total Results
Displaying 141-150 of 1,839
Sort by:
Attacker Value
Unknown
CVE-2024-38016
Disclosure Date: September 19, 2024 (last updated September 24, 2024)
Microsoft Office Visio Remote Code Execution Vulnerability
0
Attacker Value
Unknown
CVE-2024-47089
Disclosure Date: September 19, 2024 (last updated September 27, 2024)
This vulnerability exists in the Apex Softcell LD Geo due to improper validation of the transaction token ID in the API endpoint. An authenticated remote attacker could exploit this vulnerability by manipulating the transaction token ID in the API request leading to unauthorized access and modification of transactions belonging to other users.
0
Attacker Value
Unknown
CVE-2024-47088
Disclosure Date: September 19, 2024 (last updated September 27, 2024)
This vulnerability exists in Apex Softcell LD Geo due to missing restrictions for excessive failed authentication attempts on its API based login. A remote attacker could exploit this vulnerability by conducting a brute force attack on login OTP, which could lead to gain unauthorized access to other user accounts.
0
Attacker Value
Unknown
CVE-2024-47087
Disclosure Date: September 19, 2024 (last updated September 27, 2024)
This vulnerability exists in Apex Softcell LD Geo due to improper validation of the certain parameters (Client ID, DPID or BOID) in the API endpoint. An authenticated remote attacker could exploit this vulnerability by manipulating parameters in the API request body leading to exposure of sensitive information belonging to other users.
0
Attacker Value
Unknown
CVE-2024-47086
Disclosure Date: September 19, 2024 (last updated September 27, 2024)
This vulnerability exists in Apex Softcell LD DP Back Office due to improper implementation of OTP validation mechanism in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by providing arbitrary OTP value for authentication and subsequently changing its API response.
Successful exploitation of this vulnerability could allow the attacker to bypass OTP verification for other user accounts.
0
Attacker Value
Unknown
CVE-2024-47085
Disclosure Date: September 19, 2024 (last updated September 27, 2024)
This vulnerability exists in Apex Softcell LD DP Back Office due to improper validation of certain parameters (cCdslClicentcode and cLdClientCode) in the API endpoint. An authenticated remote attacker could exploit this vulnerability by manipulating parameters in the API request body leading to exposure of sensitive information belonging to other users.
0
Attacker Value
Unknown
CVE-2024-7788
Disclosure Date: September 17, 2024 (last updated September 26, 2024)
Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before < 24.2.5.
0
Attacker Value
Unknown
CVE-2024-44430
Disclosure Date: September 13, 2024 (last updated September 19, 2024)
SQL Injection vulnerability in Best Free Law Office Management Software-v1.0 allows an attacker to execute arbitrary code and obtain sensitive information via a crafted payload to the kortex_lite/control/register_case.php interface
0
Attacker Value
Unknown
CVE-2024-43465
Disclosure Date: September 10, 2024 (last updated September 14, 2024)
Microsoft Excel Elevation of Privilege Vulnerability
0
Attacker Value
Unknown
CVE-2024-43463
Disclosure Date: September 10, 2024 (last updated September 18, 2024)
Microsoft Office Visio Remote Code Execution Vulnerability
0
