Total
4403 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-7093 | 2024-08-02 | N/A | N/A | ||
| Dispatch's notification service uses Jinja templates to generate messages to users. Jinja permits code execution within blocks, which were neither properly sanitized nor sandboxed. This vulnerability enables users to construct command line scripts in their custom message templates, which are then executed whenever these notifications are rendered and sent out. | |||||
| CVE-2024-41961 | 2024-08-01 | N/A | 9.6 CRITICAL | ||
| Elektra is an opinionated Openstack Dashboard for Operators and Consumers of Openstack Services. A code injection vulnerability was found in the live search functionality of the Ruby on Rails based Elektra web application. An authenticated user can craft a search term containing Ruby code, which later flows into an `eval` sink which executes the code. Fixed in commit 8bce00be93b95a6512ff68fe86bf9554e486bc02. | |||||
| CVE-2007-6678 | 2024-04-16 | N/A | N/A | ||
| Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6167. Reason: This candidate is a duplicate of CVE-2007-6167. Notes: All CVE users should reference CVE-2007-6167 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||