Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-11-18 CVE-2024-11310 Path Traversal vulnerability in Trcore DVC
The DVC from TRCore has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files.
network
low complexity
trcore CWE-22
7.5
7.5
2024-11-17 CVE-2020-25720 A vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-sensitive attributes, even after the object's creation.
network
high complexity
CWE-264
7.5
7.5
2024-11-17 CVE-2023-0657 A flaw was found in Keycloak.
high complexity
CWE-273
3.4
3.4
2024-11-17 CVE-2023-1419 A script injection vulnerability was found in the Debezium database connector, where it does not properly sanitize some parameters.
network
high complexity
CWE-233
5.9
5.9
2024-11-17 CVE-2023-4639 A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests.
network
high complexity
CWE-444
7.4
7.4
2024-11-17 CVE-2023-6110 A flaw was found in OpenStack.
network
low complexity
 5.5
5.5
2024-11-17 CVE-2024-0793 A flaw was found in kube-controller-manager.
network
low complexity
CWE-20
7.7
7.7
2024-11-16 CVE-2024-10592 The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the popup class parameter in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-80
6.4
6.4
2024-11-16 CVE-2024-11094 The 404 Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.35.17 via the export feature.
network
low complexity
CWE-488
5.3
5.3
2024-11-16 CVE-2024-10645 The Blogger 301 Redirect plugin for WordPress is vulnerable to blind time-based SQL Injection via the ‘br’ parameter in all versions up to, and including, 2.5.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
CWE-89
7.5
7.5