9.1

CVSS3.1

CVE-2024-38891 -

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Sniffing Network Traffic attack due to the cleartext transmission of sensitive information.

Published: Aug. 2, 2024, midnight | Last Modified: Feb. 24, 2026, 7:08 p.m.

7.5

CVSS3.1

CVE-2024-28297 -

SQL injection vulnerability in AzureSoft MyHorus 4.3.5 allows authenticated users to execute arbitrary SQL commands via unspecified vectors.

Published: Aug. 2, 2024, midnight | Last Modified: April 15, 2026, 12:35 a.m.

7.2

CVSS3.1

CVE-2024-33896 -

Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are vulnerable to code injection due to improper parameter blacklisting. This is fixed in version 21.2s10 and 22.1s3.

Published: Aug. 2, 2024, midnight | Last Modified: Nov. 4, 2025, 5:15 p.m.

8.8

CVSS3.1

CVE-2024-33894 -

Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 have an Insecure Permission vulnerability: they execute several processes with elevated privileges.

Published: Aug. 2, 2024, midnight | Last Modified: June 20, 2025, 6:10 p.m.

5.4

CVSS3.1

CVE-2024-41519 -

Feripro <= v2.2.3 is vulnerable to Cross Site Scripting (XSS) via "/admin/programm/<program_id>/zuordnung/veranstaltungen/<event_id>" through the "school" input field.

Published: Aug. 2, 2024, midnight | Last Modified: Oct. 29, 2024, 9:35 p.m.

6

CVSS3.1

CVE-2024-28298 -

SQL injection vulnerability in BM SOFT BMPlanning 1.0.0.1 allows authenticated users to execute arbitrary SQL commands via the SEC_IDF, LIE_IDF, PLANF_IDF, CLI_IDF, DOS_IDF, and possibly other parameters to /BMServerR.dll/BMRest.

Published: Aug. 2, 2024, midnight | Last Modified: Sept. 11, 2024, 2:54 p.m.

9.8

CVSS3.1

CVE-2024-38882 -

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform command line execution through SQL Injection due to improper neutralization of special elements used in an OS command.

Published: Aug. 2, 2024, midnight | Last Modified: Feb. 24, 2026, 7:09 p.m.

7.5

CVSS3.1

CVE-2024-41518 -

An Incorrect Access Control vulnerability in "/admin/programm/<program_id>/export/statistics" in Feripro <= v2.2.3 allows remote attackers to export an XLSX file with information about registrations and participants.

Published: Aug. 2, 2024, midnight | Last Modified: Sept. 3, 2024, 8:15 p.m.

9.8

CVSS3.1

CVE-2024-42458 -

server.c in Neat VNC (aka neatvnc) before 0.8.1 does not properly validate the security type, a related issue to CVE-2006-2369.

Published: Aug. 2, 2024, midnight | Last Modified: Sept. 5, 2024, 3:51 p.m.

8.4

CVSS3.1

CVE-2024-38890 -

An issue in Horizon Business Services Inc. Caterease Software 16.0.1.1663 through 24.0.1.2405 and possibly later versions allows a local attacker to perform an Authentication Bypass by Capture-replay attack due to insufficient protection against capture-replay attacks.

Published: Aug. 2, 2024, midnight | Last Modified: May 6, 2025, 4:33 p.m.
Total results: 349182