Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-16 | CVE-2024-46958 | Unspecified vulnerability in Nextcloud Desktop 3.13.1/3.13.2/3.13.3 In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files (between the server and client) may become world writable or world readable. | 9.1 |
| 2024-09-16 | CVE-2024-8880 | Code Injection vulnerability in Playsms A vulnerability classified as critical has been found in playSMS 1.4.4/1.4.5/1.4.6/1.4.7. | 9.8 |
| 2024-09-15 | CVE-2024-46942 | Unspecified vulnerability in Opendaylight Model-Driven Service Abstraction Layer In OpenDaylight Model-Driven Service Abstraction Layer (MD-SAL) through 13.0.1, a controller with a follower role can configure flow entries in an OpenDaylight clustering deployment. | 6.5 |
| 2024-09-15 | CVE-2024-46943 | Unspecified vulnerability in Opendaylight Authentication, Authorization and Accounting An issue was discovered in OpenDaylight Authentication, Authorization and Accounting (AAA) through 0.19.3. | 7.5 |
| 2024-09-15 | CVE-2024-46938 | Unspecified vulnerability in Sitecore products An issue was discovered in Sitecore Experience Platform (XP), Experience Manager (XM), and Experience Commerce (XC) 8.0 Initial Release through 10.4 Initial Release. | 7.5 |
| 2024-09-15 | CVE-2024-8875 | Path Traversal vulnerability in Wcms A vulnerability classified as critical was found in vedees wcms up to 0.3.2. | 9.1 |
| 2024-09-15 | CVE-2024-8876 | Path Traversal vulnerability in Xiaohe4966 Tpmecms A vulnerability, which was classified as problematic, has been found in xiaohe4966 TpMeCMS up to 1.3.3.1. | 7.5 |
| 2024-09-15 | CVE-2024-46918 | Incorrect Authorization vulnerability in Misp app/Controller/UserLoginProfilesController.php in MISP before 2.4.198 does not prevent an org admin from viewing sensitive login fields of another org admin in the same org. | 4.9 |
| 2024-09-15 | CVE-2024-8869 | OS Command Injection vulnerability in Totolink A720R Firmware 4.1.5 A vulnerability classified as critical has been found in TOTOLINK A720R 4.1.5. | 8.1 |
| 2024-09-15 | CVE-2024-44053 | Cross-site Scripting vulnerability in Mohammadarif Opor Ayam Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mohammad Arif Opor Ayam allows Reflected XSS.This issue affects Opor Ayam: from n/a through 1.8. | 6.1 |