In Foreman versions before 3.11.1 a medium severity vulnerability CVE-2024-7700 was detected. This vulnerability allows attackers to exploit user actions to execute malicious code. To fix this issue, users should upgrade Foreman to version 3.11.1. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-7700.
Read more IT Business Management
In Zabbix versions 5.0.8 and 6.0.14 a medium severity vulnerability CVE-2024-36462 was detected. This vulnerability allows attackers to use too many system resources, such as CPU or memory, causing the system to slow down or crash. To fix this problem, users should upgrade Zabbix to version 7.0.2. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-36462.
Read more Monitoring
In Zabbix versions from 5.0.0 before 5.0.42, 6.0.0 before 6.0.30, 6.4.0 before 6.4.15 and 7.0.0alpha1 before 7.0.0 a medium severity vulnerability CVE-2024-22121 was detected. This vulnerability allows attackers to change or remove key parts of the Zabbix Agent, which can break or disrupt the application. To fix this problem, users should upgrade Zabbix to versions 5.0.43rc1, 6.0.31rc1, 6.4.16rc1 and 7.0.0rc1. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-22121.
Read more Monitoring
In Mattermost in Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier a medium severity vulnerability CVE-2024-39400 was detected. This vulnerability allows admins to run harmful JavaScript in a user’s browser. It requires the user to click a malicious link and can seriously affect security, especially for other admin accounts. Update Adobe Commerce to the latest version to fix this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-3904.
Read more Communication
In Kibana versions 7.x prior to 7.17.23, 8.x prior to 8.14.2 a high severity vulnerability CVE-2024-37287 was detected. This vulnerability allows attackers to run any code they want in Kibana if they can access certain features and modify specific data. To fix this problem, users should upgrade Kibana to versions 7.17.23 and 8.14.2. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-37287.
Read more Data Analytics
In Prestashop v.8.1.7 and earlier a critical severity vulnerability CVE-2024-41651 was detected. It allows a remote attacker to run arbitrary code through the module upgrade feature. Currently, there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-41651.
Read more E-commerce
In GitLab versions from 8.16 prior to 17.0.6, from 17.1 prior to 17.1.4 and from 17.2 prior to 17.2.2 a medium severity vulnerability CVE-2024-6329 was detected. This vulnerability allows attackers to cause errors or incorrect displays on the GitLab web interface using specially crafted paths. To fix this problem, users should upgrade GitLab to versions 17.0.6, 17.1.4, 17.2.2 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-6329.
Read more Developer Tools
In MongoDB Enterprise Server versions 6.0 to 6.0.16, 7.0 to 7.0.11, and 7.3 to 7.3.3 a medium severity vulnerability CVE-2024-6384 was detected. This vulnerability allows unauthorized access to potentially sensitive data stored in those backups.To fix this issue, users must upgrade to version 8.14.2 or 7.17.23 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-6384.
Read more Database
In WooCommerce versions before 3.5.1 a medium severity vulnerability CVE-2024-43128 was detected. This vulnerability allows an attacker to inject malicious code due to insufficient input validation. To fix this issue, users must upgrade to a version later than 3.5.1. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-43128.
Read more E-commerce