6.1

CVSS3.1

CVE-2024-39124

In Roundup before 2.4.0, classhelpers (_generic.help.html) allow XSS.

📅 Published: July 17, 2024, midnight 🔄 Last Modified: Nov. 21, 2024, 9:27 a.m.

8.6

CVSS3.1

CVE-2023-7272 - Eclipse Parsson stack overflow with deeply nested objects

In Eclipse Parsson before 1.0.4 and 1.1.3, a document with a large depth of nested objects can allow an attacker to cause a Java stack overflow exception and denial of service. Eclipse Parsson allows processing (e.g. parse, generate, transform and query) JSON documents.

📅 Published: July 17, 2024, midnight 🔄 Last Modified: Feb. 6, 2025, 6:07 p.m.

0.0

CVE-2024-40420

DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2024-36694. Reason: This record is a duplicate of CVE-2024-36694. Notes: All CVE users should reference CVE-2024-36694 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.

📅 Published: July 17, 2024, midnight 🔄 Last Modified: Dec. 18, 2024, 8:15 p.m.

5.3

CVSS3.1

CVE-2024-6535 - Skupper: potential authentication bypass to skupper console via forged cookies

A flaw was found in Skupper. When Skupper is initialized with the console-enabled and with console-auth set to Openshift, it configures the openshift oauth-proxy with a static cookie-secret. In certain circumstances, this may allow an attacker to bypass authentication to the Skupper console via a s…

📅 Published: July 17, 2024, midnight 🔄 Last Modified: Nov. 20, 2025, 7:54 p.m.

5.4

CVSS3.1

CVE-2024-39126

Roundup before 2.4.0 allows XSS via JavaScript in PDF, XML, and SVG documents.

📅 Published: July 17, 2024, midnight 🔄 Last Modified: March 13, 2025, 2:15 p.m.

7.1

CVSS3.1

CVE-2024-40492

Cross Site Scripting vulnerability in Heartbeat Chat v.15.2.1 allows a remote attacker to execute arbitrary code via the setname function.

📅 Published: July 17, 2024, midnight 🔄 Last Modified: July 9, 2025, 4:49 p.m.

4

CVSS3.1

CVE-2022-35640 - IBM Sterling Partner Engagement Manager information disclosure

IBM Sterling Partner Engagement Manager 6.2.2 could allow a local attacker to obtain sensitive information when a detailed technical error message is returned. IBM X-Force ID: 230933.

📅 Published: July 16, 2024, 11:05 p.m. 🔄 Last Modified: Nov. 21, 2024, 7:11 a.m.

4.2

CVSS3.1

CVE-2024-40637 - Implicit override for built-in materializations from installed packages in dbt-core

dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. When a user installs a package in dbt, it has the ability to override macros, materializations, and other core components of dbt. This is by design, as it allo…

📅 Published: July 16, 2024, 10:56 p.m. 🔄 Last Modified: Nov. 21, 2024, 9:31 a.m.

6.1

CVSS3.1

CVE-2024-21188

Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: Chatbot). Supported versions that are affected are 6.0.0.0.0 and 6.1.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network acc…

📅 Published: July 16, 2024, 10:40 p.m. 🔄 Last Modified: March 13, 2025, 8:15 p.m.

7.2

CVSS3.1

CVE-2024-21184

Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Supported versions that are affected are 19.3-19.23. Easily exploitable vulnerability allows high privileged attacker having Execute on SYS.XS_DIAG privilege with network access via Oracle Net to compromise Or…

📅 Published: July 16, 2024, 10:40 p.m. 🔄 Last Modified: Nov. 21, 2024, 8:53 a.m.