5.3
CVE-2024-7273 - itsourcecode Alton Management System search.php sql injection
A vulnerability classified as critical was found in itsourcecode Alton Management System 1.0. This vulnerability affects unknown code of the file search.php. The manipulation of the argument rcode leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the pu…
6.4
CVE-2024-5901 - SiteOrigin Widgets Bundle <= 1.62.2 - Authenticated (Contributor+) Stored Cross-Site Scripting in I…
The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Grid widget in all versions up to, and including, 1.62.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated att…
3.1
CVE-2024-41945 - The fuels-ts typescript SDK has no awareness of to-be-spent transactions
fuels-ts is a library for interacting with Fuel v2. The typescript SDK has no awareness of to-be-spent transactions causing some transactions to fail or silently get pruned as they are funded with already used UTXOs. The problem occurs, because the `fund` function in `fuels-ts/packages/account/src…
7.5
CVE-2023-33976 - TensorFlow segfault in array_ops.upper_bound
TensorFlow is an end-to-end open source platform for machine learning. `array_ops.upper_bound` causes a segfault when not given a rank 2 tensor. The fix will be included in TensorFlow 2.13 and will also cherrypick this commit on TensorFlow 2.12.
6.3
CVE-2024-3930 - XML External Entity in Akana
In versions of Akana API Platform prior to 2024.1.0 a flaw resulting in XML External Entity (XXE) was discovered.
3.5
CVE-2024-5250 - Overly Verbose Errors in SAML Integration
In versions of Akana API Platform prior to 2024.1.0, overly verbose errors can be found in SAML integrations.
5.4
CVE-2024-5249 - SAML Replay in Akana
In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed.
4.6
CVE-2024-41943 - I, Librarian Stored XSS vulnerability in Item Summary
I, Librarian is an open-source version of a PDF managing SaaS. PDF notes are displayed on the Item Summary page without any form of validation or sanitation. An attacker can exploit this vulnerability by inserting a payload in the PDF notes that contains malicious code or script. This code will the…
6.8
CVE-2024-41916 - Authenticated Sensitive Information Disclosure in ClearPass Policy Manager
A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive information in a cleartext format. A successful exploit allows an attacker to retrieve information which could be used to potentially gain further access to network serv…
7.2
CVE-2024-41915 - Authenticated SQL Injection Vulnerability in ClearPass Policy Manager Web-based Management Interface
A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. An attacker could exploit this vulnerability to obtain and modify sensitive information in t…