CVE-2024-8088 : PYTHON CPYTHON UP TO 3.13.0 ZIPFILE MODULE NAMELIST/ITERDIR/EXTRACTALL INFINITE LOOP
Description There is a HIGH severity vulnerability affecting the CPython “zipfile” module. When iterating over names of entries in a
CVE-2024-42490 : GOAUTHENTIK API ENDPOINT IMPROPER AUTHORIZATION
Description authentik is an open-source Identity Provider. Several API endpoints can be accessed by users without correct authentication/authorization. The main
CVE-2024-8041 : GITLAB COMMUNITY EDITION/ENTERPRISE EDITION UP TO 17.1.5/17.2.3/17.3.0 IMPORT RESOURCE CONSUMPTION
Description A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions prior to 17.1.6, 17.2
CVE-2023-6452 : FORCEPOINT WEB SECURITY UP TO 8.5.5 TRANSACTION VIEWER CROSS SITE SCRIPTING
Description Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Forcepoint Web Security (Transaction Viewer) allows Stored
CVE-2024-36445 : SWISSPHONE DICAL-RED 4009 TELNET SERVICE IMPROPER AUTHENTICATION
Description Swissphone DiCal-RED 4009 devices allow a remote attacker to gain a root shell via TELNET without authentication. References https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-035.txt
CVE-2024-42497 : MATTERMOST UP TO 9.5.7/9.8.2/9.9.1/9.10.0/9.11.0 SYSTEMS MANAGER ROLE ACCESS CONTROL
Description Mattermost versions 9.9.x
CVE-2024-8080 : SOURCECODESTER ONLINE HEALTH CARE SYSTEM 1.0 SEARCH.PHP F_NAME SQL INJECTION
Description A vulnerability classified as critical has been found in SourceCodester Online Health Care System 1.0. Affected is an unknown
CVE-2024-28987 : SOLARWINDS WEB HELP DESK UP TO 12.8.3 HOTFIX 1 HARD-CODED CREDENTIALS
Description The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to