0.0
CVE-2024-9012 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.9
CVE-2024-8653 - Netcat CMS: multiple reflected cross-site scripting vulnerabilities in netshop module
A vulnerability in NetCat CMS allows an attacker to execute JavaScript code in a user's browser when they visit specific paths on the site. This issue affects NetCat CMS v. 6.4.0.24126.2 and possibly others. Apply patch from vendor https://netcat.ru/ https://netcat.ru/] . Versions 6.4.0.24248 andβ¦
5.9
CVE-2024-8652 - Netcat CMS: reflected cross-site scripting in openstat module
A vulnerability in NetCat CMS allows an attacker to execute JavaScript code in a user's browser when they visit specific path on the site. This issue affects NetCat CMS v. 6.4.0.24126.2 and possibly others. Apply patch from vendor https://netcat.ru/ https://netcat.ru/] . Versions 6.4.0.24248 and β¦
6.9
CVE-2024-8651 - Netcat CMS: user enumeration
A vulnerability in NetCat CMS allows an attacker to send a specially crafted http request that can be used to check whether a user exists in the system, which could be a basis for further attacks. This issue affects NetCat CMS v. 6.4.0.24126.2 and possibly others. Apply patch from vendor https://β¦
0.0
CVE-2024-9010 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
8.7
CVE-2024-45862 - Cleartext Storage of Sensitive Information in Kastle Systems Access Control System
Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may allow an attacker to access sensitive information.
9.2
CVE-2024-45861 - Use of Hard-coded Credentials in Kastle Systems Access Control System
Kastle Systems firmware prior to May 1, 2024, contained a hard-coded credential, which if accessed may allow an attacker to access sensitive information.
5.7
CVE-2024-8375 - Object deserialization in Reverb leading to RCE
There exists a use after free vulnerability in Reverb.Β Reverb supports the VARIANT datatype, which is supposed to represent an arbitrary object in C++. When a tensor proto of type VARIANT is unpacked, memory is first allocated to store the entire tensor, and a ctor is called on each instance. Afterβ¦
8.7
CVE-2024-7737 - Stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer from Release 3DEXPERIEβ¦
A stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
8.7
CVE-2024-7736 - Reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovatoβ¦
A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.