6.2
CVE-2017-13309 -
In readEncryptedData of ConscryptEngine.java, there is a possible plaintext leak due to improperly used crypto. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
0.0
CVE-2024-11288 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
8.8
CVE-2024-49060 - Azure Stack HCI Elevation of Privilege Vulnerability
Azure Stack HCI Elevation of Privilege Vulnerability
5.7
CVE-2024-45611 - GLPI has a stored XSS at src/RSSFeed.php
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can bypass the access control policy to create a private RSS feed attached to another user account and use a malicious payload to β¦
6.5
CVE-2024-45610 - GLPI has a reflected XSS in ajax/cable.php
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability located in the Cable form. Uβ¦
6.5
CVE-2024-45609 - GLPI has a Reflected XSS in /front/stat.graph.php
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability located in the reports pages. Upgrβ¦
5.3
CVE-2024-11259 - code-projects Farmacia fornecedores.php cross site scripting
A vulnerability, which was classified as problematic, has been found in code-projects Farmacia 1.0. This issue affects some unknown processing of the file /fornecedores.php. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the pβ¦
6.9
CVE-2024-11258 - 1000 Projects Beauty Parlour Management System index.php sql injection
A vulnerability classified as critical was found in 1000 Projects Beauty Parlour Management System 1.0. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been β¦
4.3
CVE-2024-3334 - USB Security Feature Bypass in Digital Guardian Windows Agent Prior to version 8.2.0
A security bypass vulnerability exists in the Removable Media Encryption (RME)component of Digital Guardian Windows Agents prior to version 8.2.0. This allows a user to circumvent encryption controls by modifying metadata on the USB device thereby compromising the confidentiality of the stored data.
5.5
CVE-2024-49536 - Audition | Out-of-bounds Read (CWE-125)
Audition versions 23.6.9, 24.4.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victimβ¦