Vulnerability Summary for the Week of March 18, 2024

 

High Vulnerabilities

| Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| N/A — N/A | Directory Traversal vulnerability in Devan-Kerman ARRP v.0.8.1 and before allows a remote attacker to execute arbitrary code via the dumpDirect in RuntimeResourcePackImpl component. | 2024-03-19 | 8.8 | CVE-2024-24042, cve@mitre.org, cve@mitre.org |
| N/A — N/A | danielmiessler fabric through 1.3.0 allows installer/client/gui/static/js/index.js XSS because of innerHTML mishandling, such as in htmlToPlainText. | 2024-03-18 | 7.4 | CVE-2024-29154, cve@mitre.org |
| aam — advanced_access_manager | Improper Neutralization of Input During Web Page Generation (‘C

[…]
Content was cut in order to protect the source. Please visit the source for the rest of the article.

This article has been indexed from Bulletins
