6.9
CVE-2024-7704 - Weaver e-cology Source Code ecology_dev.zip information disclosure
A vulnerability was found in Weaver e-cology 8. It has been classified as problematic. Affected is an unknown function of the file /cloudstore/ecode/setup/ecology_dev.zip of the component Source Code Handler. The manipulation leads to information disclosure. It is possible to launch the attack remoβ¦
7.1
CVE-2023-41884 - ZoneMinder Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in β¦
ZoneMinder is a free, open source Closed-circuit television software application. In WWW/AJAX/watch.php, Line: 51 takes a few parameter in sql query without sanitizing it which makes it vulnerable to sql injection. This vulnerability is fixed in 1.36.34.
6.8
CVE-2024-40893 - Firewalla BTLE Authenticated Command Injection
Multiple authenticated operating system (OS) command injection vulnerabilities exist in Firewalla Box Software versions before 1.979. A physically close attacker that is authenticated to the Bluetooth Low-Energy (BTLE) interface can use the network configuration service to inject commands in variβ¦
7.1
CVE-2024-40892 - Firewalla BTLE Weak Credentials
A weak credential vulnerability exists in Firewalla Box Software versions before 1.979. This vulnerability allows a physically close attacker to use the license UUID for authentication and provision SSH credentials over the Bluetooth Low-Energy (BTLE) interface. Once an attacker gains access to theβ¦
6.8
CVE-2024-6768 - Denial of Service in CLFS.sys
A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function.
0.0
CVE-2024-7712 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
6.5
CVE-2024-42474 - Streamlit Path Traversal Security Vulnerability on Windows
Streamlit is a data oriented application development framework for python. Snowflake Streamlit open source addressed a security vulnerability via the static file sharing feature. Users of hosted Streamlit app(s) on Windows were vulnerable to a path traversal vulnerability when the static file shariβ¦
6.3
CVE-2023-7249 -
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText OpenText Directory Services allows Path Traversal.This issue affects OpenText Directory Services: from 16.4.2 before 24.1.
10
CVE-2024-42489 - Pro Macros Remote Code Execution via Viewpdf and similar macros
Pro Macros provides XWiki rendering macros. Missing escaping in the Viewpdf macro allows any user with view right on the `CKEditor.HTMLConverter` page or edit or comment right on any page to perform remote code execution. Other macros like Viewppt are vulnerable to the same kind of attack. This vulβ¦
7.5
CVE-2024-42485 - Filament Excel Vulnerable to Path Traversal Attack on Export Download Endpoint
Filament Excel enables excel export for Filament admin resources. The export download route `/filament-excel/{path}` allowed downloading any file without login when the webserver allows `../` in the URL. Patched with Version v2.3.3.