5.3
CVE-2024-11076 - code-projects Job Recruitment activation.php sql injection
A vulnerability, which was classified as critical, has been found in code-projects Job Recruitment 1.0. This issue affects some unknown processing of the file /activation.php. The manipulation of the argument e_hash leads to sql injection. The attack may be initiated remotely. The exploit has been β¦
5.3
CVE-2024-11074 - itsourcecode Tailoring Management System incadd.php sql injection
A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0. This vulnerability affects unknown code of the file /incadd.php. The manipulation of the argument inccat/desc/date/amount leads to sql injection. The attack can be initiated remotely. The exploit has bβ¦
4.8
CVE-2024-45087 - IBM WebSphere Application Server cross-site scripting
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
5.3
CVE-2024-11073 - SourceCodester Hospital Management System delete-account.php improper authorization
A vulnerability classified as problematic has been found in SourceCodester Hospital Management System 1.0. This affects an unknown part of the file /vm/patient/delete-account.php. The manipulation of the argument id leads to improper authorization. It is possible to initiate the attack remotely. Thβ¦
3.7
CVE-2024-10917 - Eclipse OpenJ9 might return an incorrect value in JNI function GetStringUTFLength
In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may return an incorrect value which has wrapped around. From 0.48 the value is correct but may be truncated to include a smaller number of characters.
6.4
CVE-2024-45088 - IBM Maximo Asset Management cross-site scripting
IBM Maximo Asset Management 7.6.1.3 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
5.4
CVE-2024-43439 - Moodle: reflected xss via h5p error message
A flaw was found in moodle. H5P error messages require additional sanitizing to prevent a reflected cross-site scripting (XSS) risk.
8.4
CVE-2024-39354 - Delta Electronics DIAScreen Stack-based Buffer Overflow
If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in CEtherIPTagItem can be exploited, allowing the attacker to remotely execute arbitrary code.
8.4
CVE-2024-39605 - Delta Electronics DIAScreen Stack-based Buffer Overflow
If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetParameter can be exploited, allowing the attacker to remotely execute arbitrary code.
8.4
CVE-2024-47131 - Delta Electronics DIAScreen Stack-based Buffer Overflow
If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetObjectInfo can be exploited, allowing the attacker to remotely execute arbitrary code.