CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN...
8.6CVSS
6.3AI Score
0.945EPSS
IBM Maximo Asset Management Information Disclosure - XML External Entity Injection
IBM Maximo Asset Management is vulnerable to...
8.2CVSS
8.1AI Score
0.727EPSS
Premium Addons for Elementor < 4.10.32 - Missing Authorization to Information Disclosure
Description The Premium Addons for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_template_content() function in all versions up to, and including, 4.10.31. This makes it possible for authenticated attackers, with...
4.3CVSS
6.4AI Score
0.001EPSS
A vulnerability was found in code-projects Fighting Cock Information System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/action/new-feed.php. The manipulation of the argument type_feed leads to sql injection. It is possible to initiate the attack...
9.8CVSS
9.6AI Score
0.001EPSS
A vulnerability was found in code-projects Fighting Cock Information System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/pages/edit_chicken.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The...
9.8CVSS
9.7AI Score
0.001EPSS
A vulnerability has been found in code-projects Fighting Cock Information System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/action/update-deworm.php. The manipulation of the argument usage_deworm leads to sql injection. The attack can be initiated...
9.8CVSS
9.7AI Score
0.001EPSS
A vulnerability has been found in code-projects Fighting Cock Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/action/new-father.php. The manipulation of the argument image leads to unrestricted upload. The attack can.....
9.8CVSS
9.4AI Score
0.001EPSS
A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. This affects an unknown part of the file /classes/Master.php?f=save_item of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. It is...
9.8CVSS
9.7AI Score
0.001EPSS
A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/?page=user/list. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has....
8.8CVSS
8.7AI Score
0.002EPSS
A vulnerability has been found in SourceCodester Lost and Found Information System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file admin/. The manipulation of the argument page leads to cross site scripting. The attack can be launched...
6.1CVSS
6AI Score
0.001EPSS
Intel Active Management Technology (AMT) Multiple Vulnerabilities (INTEL-SA-00709)
The Intel Management Engine on the remote host has Active Management Technology (AMT) enabled, and, according to its self-reported version, is a version containing multiple vulnerabilities, including the following: Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard...
9.8CVSS
3.5AI Score
0.003EPSS
A vulnerability, which was classified as critical, has been found in code-projects Fighting Cock Information System 1.0. This issue affects some unknown processing of the file admin/action/update_mother.php. The manipulation of the argument age_mother leads to sql injection. The attack may be...
9.8CVSS
9.7AI Score
0.001EPSS
A vulnerability, which was classified as critical, was found in code-projects Fighting Cock Information System 1.0. Affected is an unknown function of the file admin/pages/tables/add_con.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely......
9.8CVSS
9.7AI Score
0.001EPSS
A vulnerability, which was classified as critical, was found in SourceCodester Lost and Found Information System 1.0. Affected is an unknown function of the file admin\user\manage_user.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely....
8.8CVSS
8.9AI Score
0.002EPSS
A vulnerability, which was classified as critical, has been found in SourceCodester Lost and Found Information System 1.0. Affected by this issue is some unknown functionality of the file admin/?page=items/view_item of the component GET Parameter Handler. The manipulation of the argument id leads.....
9.8CVSS
9.6AI Score
0.006EPSS
A vulnerability classified as critical was found in SourceCodester Lost and Found Information System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/?page=items/manage_item of the component GET Parameter Handler. The manipulation of the argument id leads to sql...
9.8CVSS
9.7AI Score
0.006EPSS
co-vier.nl Improper Access Control vulnerability OBB-3863290
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
7AI Score
Intel Management Engine Active Management Technology (AMT) Remote Access Enabled
The Intel Management Engine on the remote host has Active Management Technology (AMT) enabled, and is remotely...
1.4AI Score
Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have....
4.7CVSS
5.5AI Score
0.001EPSS
CVE_2024_24919 Vulnerability Scanner This Java tool scans a...
8.6CVSS
6.1AI Score
0.945EPSS
CVE_2024_24919 Vulnerability Scanner This Java tool scans a...
8.6CVSS
6.1AI Score
0.945EPSS
CVE-2024-24919-Check-Point-Remote-Access-VPN...
8.6CVSS
6.5AI Score
0.945EPSS
8.2CVSS
8AI Score
0.001EPSS
Insertion of sensitive information into log file issue exists in RoamWiFi R10 prior to 4.8.45. If this vulnerability is exploited, a network-adjacent unauthenticated attacker with access to the device may obtain sensitive...
6.3AI Score
0.0004EPSS
Kubernetes Sensitive Information leak via Log File
In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This affects < v1.19.3, < v1.18.10, <...
5.5CVSS
6.3AI Score
0.0005EPSS
Geutebruck - Remote Command Injection
Geutebruck is susceptible to multiple vulnerabilities its web-based management interface that could allow an unauthenticated, remote attacker to perform command injection attacks against an affected...
7.2CVSS
7.6AI Score
0.975EPSS
A vulnerability has been found in SourceCodester Lost and Found Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=delete_category of the component HTTP POST Request Handler. The manipulation of the...
9.8CVSS
9.7AI Score
0.001EPSS
A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=save_inquiry of the component HTTP POST Request Handler. The manipulation of the argument id...
9.8CVSS
9.6AI Score
0.001EPSS
A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. Affected is an unknown function of the file items/view.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the....
9.8CVSS
9.7AI Score
0.002EPSS
A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/?page=user/manage_user. The manipulation leads to improper access controls. The attack can be initiated remotely. The...
8.8CVSS
8.7AI Score
0.001EPSS
A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. Affected is an unknown function of the file /classes/Master.php?f=delete_item. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been.....
9.8CVSS
9.7AI Score
0.002EPSS
7.4AI Score
0.0004EPSS
Security Bulletin: AIX is affected by information disclosure due to Python (CVE-2024-28757)
Summary Vulnerability in Python could allow a remote attacker to obtain sensitive information (CVE-2024-28757). Python is used by AIX as part of Ansible node management automation. Vulnerability Details ** CVEID: CVE-2024-28757 DESCRIPTION: **libexpat could allow a remote attacker to obtain...
6.8AI Score
0.0004EPSS
A vulnerability was found in code-projects Fighting Cock Information System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/action/delete-vaccine.php. The manipulation of the argument ref leads to sql injection. The attack may be launched...
9.8CVSS
9.6AI Score
0.001EPSS
A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. This affects an unknown part of the file /classes/Master.php?f=save_category of the component POST Parameter Handler. The manipulation of the argument id leads to sql injection. It is...
9.8CVSS
9.7AI Score
0.001EPSS
A vulnerability has been found in SourceCodester Lost and Found Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file admin\inquiries\view_inquiry.php. The manipulation leads to sql injection. The attack can be launched remotely......
8.8CVSS
8.9AI Score
0.002EPSS
A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file classes/Master.php?f=save_inquiry of the component Contact Form. The manipulation of the argument fullname/contact/message...
6.1CVSS
6AI Score
0.001EPSS
A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been classified as critical. This affects an unknown part of the file admin/?page=categories/view_category of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection....
9.8CVSS
9.6AI Score
0.002EPSS
Sensitive Information Disclosure
nebari is vulnerable to Privilege Escalation. This vulnerability due to printing the temporary Keycloak root password to console during project initialization, which results in sensitive information...
6.4AI Score
0.0004EPSS
7.4AI Score
Kubernetes Sensitive Information leak via Log File
In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This affects < v1.19.3, < v1.18.10, <...
5.5CVSS
6.3AI Score
0.0005EPSS
Summary If Jazz Authentication Service is enabled, IBM Jazz Reporting System shows the JSA Client Secret in plain text. Vulnerability Details ** CVEID: CVE-2024-25052 DESCRIPTION: **IBM Jazz Reporting Service stores user credentials in plain clear text which can be read by an Admin user. CVSS...
4.4CVSS
6.3AI Score
0.0004EPSS
Debug Log – Manger Tool < 1.5 - Unauthenticated Information Exposure via Logs
Description The Debug Log – Manger Tool plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.5 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in...
5.3CVSS
6.3AI Score
0.0004EPSS
WordPress Cookie Information/Free GDPR Consent Solution <2.0.8 - Cross-Site Scripting
WordPress Cookie Information/Free GDPR Consent Solution plugin prior to 2.0.8 contains a cross-site scripting vulnerability via the admin dashboard. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to...
6.1CVSS
6AI Score
0.001EPSS
CVE-2024-24919 Exploit CVE Identifier: CVE-2024-24919...
8.6CVSS
6.2AI Score
0.945EPSS
CVE-2024-24919-POC Read about it -...
8.6CVSS
6.5AI Score
0.945EPSS
Exploit for CVE-2024-24919 Description This Python...
8.6CVSS
6.1AI Score
0.945EPSS
Release Information for Veeam Service Provider Console 7 Cumulative Patches
Release Information for Veeam Service Provider Console 7 Cumulative...
6.7AI Score
CVE-2024-3043 Zigbee co-ordinator realignment packet may lead to denial of service
An unauthenticated IEEE 802.15.4 'co-ordinator realignment' packet can be used to force Zigbee nodes to change their network identifier (pan ID), leading to a denial of service. This packet type is not useful in production and should be used only for PHY...
7.5CVSS
7AI Score
0.0004EPSS
Clusters using Calico (version 3.14.0 and below), Calico Enterprise (version 2.8.2 and below), may be vulnerable to information disclosure if IPv6 is enabled but unused. A compromised pod with sufficient privilege is able to reconfigure the node’s IPv6 interface due to the node accepting route...
6CVSS
4.5AI Score
0.001EPSS