| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL Injection in GitHub repository mintplex-labs/anything-llm prior to 0.0.1. |
| Authentication Bypass by Primary Weakness in GitHub repository mintplex-labs/anything-llm prior to 0.0.1. |
| Relative Path Traversal in GitHub repository mintplex-labs/anything-llm prior to 0.0.1. |
| A vulnerability exists which allows an authenticated attacker to access sensitive information on the AirWave Management Platform web-based management interface. Successful exploitation allows the attacker to gain access to some data that could be further exploited to laterally access devices managed and monitored by the AirWave server. |
| Teedy v1.11 has a vulnerability in its text editor that allows events
to be executed in HTML tags that an attacker could manipulate. Thanks
to this, it is possible to execute malicious JavaScript in the webapp.
|
|
A potential use-after-free vulnerability was reported in the Lenovo View driver that could result in denial of service.
|
| Man in the Middle vulnerability, which could allow an attacker to intercept VNF (Virtual Network Function) communications resulting in the exposure of sensitive information. |
| An attacker could send an HTTP request to an Open5GS endpoint and retrieve the information stored on the device due to the lack of Authentication. |
| Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an attacker to interrupt the correct operation of the service by sending a specially crafted json string to the VNF (Virtual Network Function), and triggering the ogs_sbi_message_free function, which could cause a service outage. |
| DOS vulnerability that could allow an attacker to register a new VNF (Virtual Network Function) value. This action could trigger the args_assets() function defined in the arg-log.php file, which would then execute the args-abort.c file, causing the service to crash. |
| Cross-site Scripting (XSS) - Stored in GitHub repository instantsoft/icms2 prior to 2.16.1.-git. |
| Server-Side Request Forgery (SSRF) in GitHub repository instantsoft/icms2 prior to 2.16.1-git. |
| Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository hamza417/inure prior to build92. |
| Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository hamza417/inure prior to build92. |
| Null pointer dereference when composing from a specially crafted draft message in Mutt >1.5.2 <2.2.12 |
| Null pointer dereference when viewing a specially crafted email in Mutt >1.5.2 <2.2.12 |
| A vulnerability, which was classified as critical, has been found in SourceCodester Contact Manager App 1.0. This issue affects some unknown processing of the file add.php. The manipulation of the argument contact/contactName leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239357 was assigned to this vulnerability. |
| A vulnerability classified as critical was found in SourceCodester Contact Manager App 1.0. This vulnerability affects unknown code of the file delete.php. The manipulation of the argument contact/contactName leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-239356. |
| A vulnerability was found in SourceCodester Contact Manager App 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file update.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-239354 is the identifier assigned to this vulnerability. |
| A vulnerability was found in SourceCodester Contact Manager App 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file add.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239353 was assigned to this vulnerability. |