CVE-2024-38200 : MICROSOFT OFFICE/365 APPS FOR ENTERPRISE INFORMATION DISCLOSURE

Description Microsoft Office Spoofing Vulnerability. References https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38200 For More Information CVERecord

Description Microsoft Edge (HTML-based) Memory Corruption Vulnerability. References https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38218 For More Information CVERecord

Description The InfoScan client download page can be intercepted with a proxy, to expose filenames located on the system, which

Description VRCX is an assistant/companion application for VRChat. In versions prior to 2024.03.23, a CefSharp browser with over-permission and cross-site

Description NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user

Description Asterisk is an open source private branch exchange (PBX) and telephony toolkit. Prior to asterisk versions 18.24.2, 20.9.2, and

Description WD Discovery versions prior to 5.0.589 contain a misconfiguration in the Node.js environment settings that could allow code execution

Description anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append “;swagger-ui” to HTTP

Description Improper Control of Generation of Code (‘Code Injection’) vulnerability in Apache InLong. This issue affects Apache InLong: from 1.10.0

Description The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a

Description Improper Privilege Management vulnerability in Revmakx Backup and Staging by WP Time Capsule allows Privilege Escalation, Authentication Bypass. This

Description Improper Privilege Management vulnerability in IdeaBox PowerPack for Beaver Builder allows Privilege Escalation.This issue affects PowerPack for Beaver Builder:

Description A vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted® Slot feature

Description Elektra is an opinionated Openstack Dashboard for Operators and Consumers of Openstack Services. A code injection vulnerability was found

Description REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses

Description There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when

Description Dell InsightIQ, Verion 5.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker

Description A vulnerability was found in SourceCodester Tracking Monitoring Management System 1.0. It has been classified as critical. This affects

Description A vulnerability was found in Point B Ltd Getscreen Agent 2.19.6 on Windows. It has been declared as critical.

Description ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DIR-600 up to 2.18. It has been rated

Description An issue in beego v.2.2.0 and before allows a remote attacker to escalate privileges via the getCacheFileName function in

Description A command injection vulnerability could allow an authenticated user to execute operating system commands as root via a specially

Description OS command injection vulnerability exists in ELECOM wireless LAN routers. A specially crafted request may be sent to the

Description slpd-lite is a unicast SLP UDP server. Any OpenBMC system that includes the slpd-lite package is impacted. Installing this