7.3
CVE-2024-11622 -
An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases.
8.7
CVE-2024-11745 - Tenda AC8 SetStaticRouteCfg route_static_check stack-based overflow
A vulnerability was found in Tenda AC8 16.03.34.09 and classified as critical. Affected by this issue is the function route_static_check of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be launched remotely. The exploi…
6.9
CVE-2024-11744 - 1000 Projects Portfolio Management System MCA register.php sql injection
A vulnerability has been found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /register.php. The manipulation of the argument name leads to SQL injection. The attack can be launched remotely. Th…
5.7
CVE-2024-43784 - Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to…
lakeFS is an open-source tool that transforms object storage into a Git-like repository. Existing lakeFS users who have issued credentials to users who have been deleted are affected by this vulnerability. When creating a new user with the same username as a deleted user, that user will inherit all…
6.9
CVE-2024-11743 - SourceCodester Best House Rental Management System POST Request ajax.php cross-site request forgery
A vulnerability, which was classified as problematic, was found in SourceCodester Best House Rental Management System 1.0. Affected is an unknown function of the file /rental/ajax.php?action=delete_user of the component POST Request Handler. The manipulation leads to cross-site request forgery. It …
5.3
CVE-2024-11742 - SourceCodester Best House Rental Management System ajax.php cross site scripting
A vulnerability, which was classified as problematic, has been found in SourceCodester Best House Rental Management System 1.0. This issue affects some unknown processing of the file /rental/ajax.php?action=save_tenant. The manipulation of the argument lastname/firstname/middlename leads to cross s…
7.6
CVE-2024-49053 - Microsoft Dynamics 365 Sales Spoofing Vulnerability
Microsoft Dynamics 365 Sales Spoofing Vulnerability
8.2
CVE-2024-49052 - Microsoft Azure PolicyWatch Elevation of Privilege Vulnerability
Missing authentication for critical function in Microsoft Azure PolicyWatch allows an unauthorized attacker to elevate privileges over a network.
9.3
CVE-2024-49038 - Microsoft Copilot Studio Elevation Of Privilege Vulnerability
Improper neutralization of input during web page generation ('Cross-site Scripting') in Copilot Studio by an unauthorized attacker leads to elevation of privilege over a network.
8.7
CVE-2024-49035 - Partner.Microsoft.Com Elevation of Privilege Vulnerability
An improper access control vulnerability in Partner.Microsoft.com allows an unauthenticated attacker to elevate privileges over a network.