🚨 CVE-2024-27620
An issue in Ladder v.0.0.1 thru v.0.0.21 allows a remote attacker to obtain sensitive information via a crafted request to the API.
🎖@cveNotify
An issue in Ladder v.0.0.1 thru v.0.0.21 allows a remote attacker to obtain sensitive information via a crafted request to the API.
🎖@cveNotify
everywall.github.io
Hello from Ladder | Ladder
Description will go into a meta tag in <head />
🚨 CVE-2024-23082
ThreeTen Backport v1.6.8 was discovered to contain an integer overflow via the component org.threeten.bp.format.DateTimeFormatter::parse(CharSequence, ParsePosition). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
ThreeTen Backport v1.6.8 was discovered to contain an integer overflow via the component org.threeten.bp.format.DateTimeFormatter::parse(CharSequence, ParsePosition). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
Gist
[CVE-2024-23082]
[CVE-2024-23082]. GitHub Gist: instantly share code, notes, and snippets.
🚨 CVE-2024-23078
JGraphT Core v1.5.2 was discovered to contain a NullPointerException via the component org.jgrapht.alg.util.ToleranceDoubleComparator::compare(Double, Double). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
JGraphT Core v1.5.2 was discovered to contain a NullPointerException via the component org.jgrapht.alg.util.ToleranceDoubleComparator::compare(Double, Double). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
Gist
[CVE-2024-23078]
[CVE-2024-23078]. GitHub Gist: instantly share code, notes, and snippets.
🚨 CVE-2024-23086
Apfloat v1.10.1 was discovered to contain a stack overflow via the component org.apfloat.internal.DoubleModMath::modPow(double. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
Apfloat v1.10.1 was discovered to contain a stack overflow via the component org.apfloat.internal.DoubleModMath::modPow(double. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
Gist
[CVE-2024-23086]
[CVE-2024-23086]. GitHub Gist: instantly share code, notes, and snippets.
🚨 CVE-2024-22949
JFreeChart v1.5.4 was discovered to contain a NullPointerException via the component /chart/annotations/CategoryLineAnnotation. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
JFreeChart v1.5.4 was discovered to contain a NullPointerException via the component /chart/annotations/CategoryLineAnnotation. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
Gist
[CVE-2024-22949]
[CVE-2024-22949]. GitHub Gist: instantly share code, notes, and snippets.
🚨 CVE-2024-23079
JGraphT Core v1.5.2 was discovered to contain a NullPointerException via the component org.jgrapht.alg.util.ToleranceDoubleComparator::compare(Double, Double). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
JGraphT Core v1.5.2 was discovered to contain a NullPointerException via the component org.jgrapht.alg.util.ToleranceDoubleComparator::compare(Double, Double). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
Gist
[CVE-2024-23079]
[CVE-2024-23079]. GitHub Gist: instantly share code, notes, and snippets.
🚨 CVE-2024-23081
ThreeTen Backport v1.6.8 was discovered to contain a NullPointerException via the component org.threeten.bp.LocalDate::compareTo(ChronoLocalDate). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
ThreeTen Backport v1.6.8 was discovered to contain a NullPointerException via the component org.threeten.bp.LocalDate::compareTo(ChronoLocalDate). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
Gist
[CVE-2024-23081]
[CVE-2024-23081]. GitHub Gist: instantly share code, notes, and snippets.
🚨 CVE-2024-23084
Apfloat v1.10.1 was discovered to contain an ArrayIndexOutOfBoundsException via the component org.apfloat.internal.DoubleCRTMath::add(double[], double[]). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
Apfloat v1.10.1 was discovered to contain an ArrayIndexOutOfBoundsException via the component org.apfloat.internal.DoubleCRTMath::add(double[], double[]). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
Gist
[CVE-2024-23084]
[CVE-2024-23084]. GitHub Gist: instantly share code, notes, and snippets.
🚨 CVE-2024-23076
JFreeChart v1.5.4 was discovered to contain a NullPointerException via the component /labels/BubbleXYItemLabelGenerator.java. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
JFreeChart v1.5.4 was discovered to contain a NullPointerException via the component /labels/BubbleXYItemLabelGenerator.java. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
Gist
[CVE-2024-23076]
[CVE-2024-23076]. GitHub Gist: instantly share code, notes, and snippets.
🚨 CVE-2024-23080
Joda Time v2.12.5 was discovered to contain a NullPointerException via the component org.joda.time.format.PeriodFormat::wordBased(Locale). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
Joda Time v2.12.5 was discovered to contain a NullPointerException via the component org.joda.time.format.PeriodFormat::wordBased(Locale). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
Gist
[CVE-2024-23080]
[CVE-2024-23080]. GitHub Gist: instantly share code, notes, and snippets.
🚨 CVE-2024-23083
Time4J Base v5.9.3 was discovered to contain a NullPointerException via the component net.time4j.format.internal.FormatUtils::useDefaultWeekmodel(Locale). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
Time4J Base v5.9.3 was discovered to contain a NullPointerException via the component net.time4j.format.internal.FormatUtils::useDefaultWeekmodel(Locale). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
Gist
[CVE-2024-23083]
[CVE-2024-23083]. GitHub Gist: instantly share code, notes, and snippets.
🚨 CVE-2024-29296
A user enumeration vulnerability was found in Portainer CE 2.19.4. This issue occurs during user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not.
🎖@cveNotify
A user enumeration vulnerability was found in Portainer CE 2.19.4. This issue occurs during user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not.
🎖@cveNotify
GitHub
GitHub - ThaySolis/CVE-2024-29296: CVE-2024-29296 - User enumeration on Portainer CE - 2.19.4
CVE-2024-29296 - User enumeration on Portainer CE - 2.19.4 - ThaySolis/CVE-2024-29296
🚨 CVE-2023-52070
JFreeChart v1.5.4 was discovered to be vulnerable to ArrayIndexOutOfBounds via the 'setSeriesNeedle(int index, int type)' method. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
JFreeChart v1.5.4 was discovered to be vulnerable to ArrayIndexOutOfBounds via the 'setSeriesNeedle(int index, int type)' method. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
Gist
[CVE-2023-52070 / CVE-2024-23077]
[CVE-2023-52070 / CVE-2024-23077]. GitHub Gist: instantly share code, notes, and snippets.
🚨 CVE-2024-23077
JFreeChart v1.5.4 was discovered to be vulnerable to ArrayIndexOutOfBounds via the component /chart/plot/CompassPlot.java. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
JFreeChart v1.5.4 was discovered to be vulnerable to ArrayIndexOutOfBounds via the component /chart/plot/CompassPlot.java. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.
🎖@cveNotify
Gist
[CVE-2023-52070 / CVE-2024-23077]
[CVE-2023-52070 / CVE-2024-23077]. GitHub Gist: instantly share code, notes, and snippets.
🚨 CVE-2023-51141
An issue in ZKTeko BioTime v.8.5.4 and before allows a remote attacker to obtain sensitive information via the Authentication & Authorization component
🎖@cveNotify
An issue in ZKTeko BioTime v.8.5.4 and before allows a remote attacker to obtain sensitive information via the Authentication & Authorization component
🎖@cveNotify
Gist
CVE-2023-51141
CVE-2023-51141. GitHub Gist: instantly share code, notes, and snippets.
🚨 CVE-2023-51142
An issue in ZKTeco BioTime v.8.5.4 and before allows a remote attacker to obtain sensitive information.
🎖@cveNotify
An issue in ZKTeco BioTime v.8.5.4 and before allows a remote attacker to obtain sensitive information.
🎖@cveNotify
Gist
CVE-2023-51142.md
GitHub Gist: instantly share code, notes, and snippets.
🚨 CVE-2024-32206
A stored cross-site scripting (XSS) vulnerability in the component \affiche\admin\index.php of WUZHICMS v4.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $formdata parameter.
🎖@cveNotify
A stored cross-site scripting (XSS) vulnerability in the component \affiche\admin\index.php of WUZHICMS v4.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $formdata parameter.
🎖@cveNotify
GitHub
vulnerability/POC/WUZHICMS4.1.0 Stored Xss In Affiche Model.md at main · majic-banana/vulnerability
poc. Contribute to majic-banana/vulnerability development by creating an account on GitHub.
🚨 CVE-2024-32409
An issue in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code via a crafted script.
🎖@cveNotify
An issue in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code via a crafted script.
🎖@cveNotify
Sem-Cms
外贸网站建设,英文网站建设,外贸网站设计 - semcms
黑蚂蚁外贸网站系统SemCms是专注于英文网站建设,外贸网站制作,响应式模板设计,程序功能定制,多语言网站开发(俄语,西班牙,阿拉伯语,葡萄牙语等)小语种及网站优化(seo)推广,使用简单、稳定性好、性价比高,是soho或外贸企业建站的首选。
🚨 CVE-2024-28722
Cross Site Scripting vulnerability in Innovaphone myPBX v.14r1, v.13r3, v.12r2 allows a remote attacker to execute arbitrary code via the query parameter to the /CMD0/xml_modes.xml endpoint
🎖@cveNotify
Cross Site Scripting vulnerability in Innovaphone myPBX v.14r1, v.13r3, v.12r2 allows a remote attacker to execute arbitrary code via the query parameter to the /CMD0/xml_modes.xml endpoint
🎖@cveNotify
Innovaphone
ReleaseNotes14r1:Firmware
This is the Firmware 14r1 Release Notes Document.
Service Releases are planned for the second Monday each month. For each of the service release, the complete set of tests is executed. If problems show...
Service Releases are planned for the second Monday each month. For each of the service release, the complete set of tests is executed. If problems show...