CVE-2024-37896 – SQL injection vulnerability in Gin-vue-admin
https://notcve.org/view.php?id=CVE-2024-37896
SQL injection vulnerabilities occur when a web application places user-supplied data into SQL queries without sufficiently validating or sanitizing it. ... This could lead to unauthorized access to the database, data leakage, data manipulation, or even complete compromise of the database server. • https://github.com/flipped-aurora/gin-vue-admin/commit/53d03382188868464ade489ab0713b54392d227f https://github.com/flipped-aurora/gin-vue-admin/security/advisories/GHSA-gf3r-h744-mqgp • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-31870 – IBM i information disclosure
https://notcve.org/view.php?id=CVE-2024-31870
IBM Db2 for i 7.2, 7.3, 7.4, and 7.5 supplies a user-defined table function that is vulnerable to user enumeration by a local authenticated attacker, without having authority to the related *USRPRF objects. This can be used by a malicious actor to gather information about users that can be targeted in further attacks. IBM X-Force ID: 287174. • https://exchange.xforce.ibmcloud.com/vulnerabilities/287174 https://www.ibm.com/support/pages/node/7157638 • CWE-204: Observable Response Discrepancy
CVE-2024-0084
https://notcve.org/view.php?id=CVE-2024-0084
A successful exploit of this vulnerability might lead to information disclosure, data tampering, escalation of privileges, and denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5551 • CWE-250: Execution with Unnecessary Privileges
CVE-2024-0099
https://notcve.org/view.php?id=CVE-2024-0099
A successful exploit of this vulnerability might lead to information disclosure, data tampering, escalation of privileges, and denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5551 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-0093
https://notcve.org/view.php?id=CVE-2024-0093
A successful exploit of this vulnerability might lead to information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5551 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor