7.2

CVSS3.1

CVE-2024-37149 - GLPI allows remote code execution through the plugin loader

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated technician user can upload a malicious PHP script and hijack the plugin loader to execute this malicious script. Upgrade to 10.0.16.

๐Ÿ“… Published: July 10, 2024, 7:20 p.m. ๐Ÿ”„ Last Modified: Jan. 7, 2025, 5:03 p.m.

8.1

CVSS3.1

CVE-2024-37148 - GLPI allows account takeover via SQL Injection in AJAX scripts

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can exploit a SQL injection vulnerability in some AJAX scripts to alter another user account data and take control of it. Upgrade โ€ฆ

๐Ÿ“… Published: July 10, 2024, 7:18 p.m. ๐Ÿ”„ Last Modified: Jan. 7, 2025, 4:58 p.m.

7.1

CVSS3.1

CVE-2024-32469 - Decidim has cross-site scripting (XSS) in the pagination

Decidim is a participatory democracy framework. The pagination feature used in searches and filters is subject to potential XSS attack through a malformed URL using the GET parameter `per_page`. This vulnerability is fixed in 0.27.6 and 0.28.1.

๐Ÿ“… Published: July 10, 2024, 7:10 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.4

CVSS4.0

CVE-2024-6235 - Sensitive information disclosure

Sensitive information disclosureย inย NetScaler Console

๐Ÿ“… Published: July 10, 2024, 7:07 p.m. ๐Ÿ”„ Last Modified: May 14, 2025, 3:16 p.m.

5.4

CVSS3.1

CVE-2024-27095 - Decidim cross-site scripting (XSS) in the admin panel

Decidim is a participatory democracy framework. The admin panel is subject to potential XSS attach in case the attacker manages to modify some records being uploaded to the server. This vulnerability is fixed in 0.27.6 and 0.28.1.

๐Ÿ“… Published: July 10, 2024, 7:07 p.m. ๐Ÿ”„ Last Modified: Nov. 21, 2024, 9:03 a.m.

5.1

CVSS4.0

CVE-2024-5492 - Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitraryโ€ฆ

Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to arbitrary websitesย in NetScaler ADC and NetScaler Gateway

๐Ÿ“… Published: July 10, 2024, 7:04 p.m. ๐Ÿ”„ Last Modified: July 25, 2025, 3:12 p.m.

7.2

CVSS4.0

CVE-2024-5491 - Denial of Service

Denial of Service in NetScaler ADC and NetScaler Gateway in NetScaler

๐Ÿ“… Published: July 10, 2024, 6:56 p.m. ๐Ÿ”„ Last Modified: July 25, 2025, 3:11 p.m.

6.1

CVSS3.1

CVE-2024-5913 - PAN-OS: Improper Input Validation Vulnerability in PAN-OS

An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system to elevate privileges.

๐Ÿ“… Published: July 10, 2024, 6:40 p.m. ๐Ÿ”„ Last Modified: Jan. 24, 2025, 4 p.m.

6.8

CVSS4.0

CVE-2024-5912 - Cortex XDR Agent: Improper File Signature Verification Checks

An improper file signature check in Palo Alto Networks Cortex XDR agent may allow an attacker to bypass the Cortex XDR agent's executable blocking capabilities and run untrusted executables on the device. This issue can be leveraged to execute untrusted software without being detected or blocked.

๐Ÿ“… Published: July 10, 2024, 6:40 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

7

CVSS4.0

CVE-2024-5911 - PAN-OS: File Upload Vulnerability in the Panorama Web Interface

An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which requiโ€ฆ

๐Ÿ“… Published: July 10, 2024, 6:40 p.m. ๐Ÿ”„ Last Modified: Jan. 30, 2026, 9:11 p.m.
Total resulsts: 348450
Page 9118 of 34,845
ยซ previous page ยป next page
Filters