Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-19 | CVE-2024-8653 | Cross-site Scripting vulnerability in Netcat Content Management System A vulnerability in NetCat CMS allows an attacker to execute JavaScript code in a user's browser when they visit specific paths on the site. This issue affects NetCat CMS v. | 6.1 |
| 2024-09-19 | CVE-2024-45752 | Unspecified vulnerability in Pixlone Logiops logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure its logid daemon via an unrestricted D-Bus service, including setting malicious keyboard macros. | 7.3 |
| 2024-09-19 | CVE-2024-45861 | Use of Hard-coded Credentials vulnerability in Kastle Access Control System Firmware Kastle Systems firmware prior to May 1, 2024, contained a hard-coded credential, which if accessed may allow an attacker to access sensitive information. | 7.5 |
| 2024-09-19 | CVE-2024-45862 | Cleartext Storage of Sensitive Information vulnerability in Kastle Access Control System Firmware Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may allow an attacker to access sensitive information. | 7.5 |
| 2024-09-19 | CVE-2024-8698 | A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. | 7.7 |
| 2024-09-19 | CVE-2024-8883 | Open Redirect vulnerability in Redhat products A misconfiguration flaw was found in Keycloak. | 6.1 |
| 2024-09-19 | CVE-2024-46394 | Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/?/user/add | 8.8 |
| 2024-09-19 | CVE-2024-46382 | SQL Injection vulnerability in Linlinjava Litemall 1.8.0 A SQL injection vulnerability in linlinjava litemall 1.8.0 allows a remote attacker to obtain sensitive information via the goodsId, goodsSn, and name parameters in AdminGoodscontroller.java. | 7.5 |
| 2024-09-19 | CVE-2024-8354 | Reachable Assertion vulnerability in multiple products A flaw was found in QEMU. | 5.5 |
| 2024-09-19 | CVE-2024-45769 | A vulnerability was found in Performance Co-Pilot (PCP). This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash. local low complexity | 5.5 |