| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-23950 | Hig | 0.57 | 8.8 | 0.01 | May 28, 2024 | Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the… | ||
| CVE-2024-23949 | Hig | 0.57 | 8.8 | 0.01 | May 28, 2024 | Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the… | ||
| CVE-2024-23948 | Hig | 0.57 | 8.8 | 0.01 | May 28, 2024 | Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the… | ||
| CVE-2024-23947 | Hig | 0.57 | 8.8 | 0.01 | May 28, 2024 | Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the… | ||
| CVE-2024-22181 | Hig | 0.51 | 7.8 | 0.00 | May 28, 2024 | An out-of-bounds write vulnerability exists in the readNODE functionality of libigl v2.5.0. A specially crafted .node file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. | ||
| CVE-2023-49600 | Hig | 0.53 | 8.1 | 0.01 | May 28, 2024 | An out-of-bounds write vulnerability exists in the PlyFile ply_cast_ascii functionality of libigl v2.5.0. A specially crafted .ply file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | ||
| CVE-2023-35953 | Hig | 0.51 | 7.8 | 0.01 | May 28, 2024 | Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities.This vulnerability exists within… | ||
| CVE-2023-35952 | Hig | 0.51 | 7.8 | 0.01 | May 28, 2024 | Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities.This vulnerability exists within… | ||
| CVE-2023-35951 | Hig | 0.51 | 7.8 | 0.01 | May 28, 2024 | Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities.This vulnerability exists within… | ||
| CVE-2023-35950 | Hig | 0.51 | 7.8 | 0.01 | May 28, 2024 | Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities.This vulnerability exists within… | ||
| CVE-2023-35949 | Hig | 0.51 | 7.8 | 0.01 | May 28, 2024 | Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities.This vulnerability exists within… | ||
| CVE-2024-5415 | Hig | 0.46 | 7.1 | 0.00 | May 28, 2024 | A vulnerability have been discovered in PhpMyBackupPro affecting version 2.3 that could allow an attacker to execute XSS through /phpmybackuppro/backup.php, 'comments' and 'db' parameters. This vulnerabilities could allow an attacker to create a specially crafted URL and send it… | ||
| CVE-2024-5414 | Hig | 0.46 | 7.1 | 0.00 | May 28, 2024 | A vulnerability have been discovered in PhpMyBackupPro affecting version 2.3 that could allow an attacker to execute XSS through /phpmybackuppro/get_file.php, 'view' parameter. This vulnerabilities could allow an attacker to create a specially crafted URL and send it to a victim… | ||
| CVE-2024-5413 | Hig | 0.46 | 7.1 | 0.00 | May 28, 2024 | A vulnerability have been discovered in PhpMyBackupPro affecting version 2.3 that could allow an attacker to execute XSS through /phpmybackuppro/scheduled.php, all parameters. This vulnerabilities could allow an attacker to create a specially crafted URL and send it to a victim… | ||
| CVE-2024-3657 | Hig | 0.49 | 7.5 | 0.01 | May 28, 2024 | A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service | ||
| CVE-2024-5411 | Hig | 0.59 | 8.8 | 0.23 | May 28, 2024 | Missing input validation and OS command integration of the input in the ORing IAP-420 web-interface allows authenticated command injection.This issue affects IAP-420 version 2.01e and below. | ||
| CVE-2023-52712 | — | Hig | 0.51 | 7.8 | 0.00 | May 28, 2024 | Various Issues Due To Exposed SMI Handler in AmdPspP2CmboxV2. The first issue can be leveraged to bypass the protections that have been put in place by previous UEFI phases to prevent direct access to the SPI flash. The second issue can be used to both leak and corrupt SMM… | |
| CVE-2023-52711 | — | Hig | 0.51 | 7.8 | 0.00 | May 28, 2024 | Various Issues Due To Exposed SMI Handler in AmdPspP2CmboxV2. The first issue can be leveraged to bypass the protections that have been put in place by previous UEFI phases to prevent direct access to the SPI flash. The second issue can be used to both leak and corrupt SMM… | |
| CVE-2023-52710 | Hig | 0.51 | 7.8 | 0.00 | May 28, 2024 | Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26), As the communication buffer size hasn’t been properly validated to be of the expected size, it can partially overlap with the beginning SMRAM.This can be leveraged by a malicious OS attacker to corrupt data structures stored… | ||
| CVE-2023-52548 | Hig | 0.51 | 7.8 | 0.00 | May 28, 2024 | Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26) Arbitrary Memory Corruption in SMI Handler of ThisiServicesSmm SMM module. This can be leveraged by a malicious OS attacker to corrupt arbitrary SMRAM memory and, in turn, lead to code execution in SMM | ||
| CVE-2023-52547 | Hig | 0.51 | 7.8 | 0.00 | May 28, 2024 | Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26. Memory Corruption in SMI Handler of HddPassword SMM Module. This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in SMM. | ||
| CVE-2022-48681 | Hig | 0.47 | 7.2 | 0.00 | May 28, 2024 | Some Huawei smart speakers have a memory overflow vulnerability. Successful exploitation of this vulnerability may cause certain functions to fail. | ||
| CVE-2024-28886 | Hig | 0.55 | 8.4 | 0.01 | May 28, 2024 | OS command injection vulnerability exists in UTAU versions prior to v0.4.19. If a user of the product opens a crafted UTAU project file (.ust file), an arbitrary OS command may be executed. | ||
| CVE-2024-29078 | Hig | 0.49 | 7.5 | 0.00 | May 28, 2024 | Incorrect permission assignment for critical resource issue exists in MosP kintai kanri V4.6.6 and earlier, which may allow a remote unauthenticated attacker with access to the product to alter the product settings. | ||
| CVE-2024-36428 | Hig | 0.53 | 8.1 | 0.02 | May 27, 2024 | OrangeHRM 3.3.3 allows admin/viewProjects sortOrder SQL injection. | ||
| CVE-2024-36426 | Hig | 0.49 | 7.5 | 0.00 | May 27, 2024 | In TARGIT Decision Suite 23.2.15007.0 before Autumn 2023, the session token is part of the URL and may be sent in a cleartext HTTP session. | ||
| CVE-2024-29415 | Hig | 0.46 | 8.1 | 0.08 | May 27, 2024 | The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix… | ||
| CVE-2024-35237 | Hig | 0.42 | 7.5 | 0.01 | May 27, 2024 | MIT IdentiBot is an open-source Discord bot written in Node.js that verifies individuals' affiliations with MIT, grants them roles in a Discord server, and stores information about them in a database backend. A vulnerability that exists prior to commit… | ||
| CVE-2024-35231 | Hig | 0.49 | 8.6 | 0.01 | May 27, 2024 | rack-contrib provides contributed rack middleware and utilities for Rack, a Ruby web server interface. Versions of rack-contrib prior to 2.5.0 are vulnerable to denial of service due to the fact that the user controlled data `profiler_runs` was not constrained to any limitation.… | ||
| CVE-2024-35219 | Hig | 0.47 | 8.3 | 0.04 | May 27, 2024 | OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Prior to version 7.6.0, attackers can exploit a path traversal vulnerability to read and delete files and folders from… | ||
| CVE-2024-34477 | Hig | 0.51 | 7.8 | 0.00 | May 27, 2024 | configureNFS in lib/common/functions.sh in FOG through 1.5.10 allows local users to gain privileges by mounting a crafted NFS share (because of no_root_squash and insecure). In order to exploit the vulnerability, someone needs to mount an NFS share in order to add an executable… | ||
| CVE-2024-5409 | Hig | 0.46 | 7.1 | 0.00 | May 27, 2024 | RhinOS 3.0-1190 is vulnerable to an XSS via the "tamper" parameter in /admin/lib/phpthumb/phpthumb.php. An attacker could create a malicious URL and send it to a victim to obtain their session details. | ||
| CVE-2024-5408 | Hig | 0.46 | 7.1 | 0.00 | May 27, 2024 | Vulnerability in RhinOS 3.0-1190 consisting of an XSS through the "search" parameter of /portal/search.htm. This vulnerability could allow a remote attacker to steal details of a victim's user session by submitting a specially crafted URL. | ||
| CVE-2023-6349 | Hig | 0.49 | 7.5 | 0.00 | May 27, 2024 | A heap overflow vulnerability exists in libvpx - Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx. We recommend upgrading to version 1.13.1 or above | ||
| CVE-2024-5035 | Hig | 0.57 | — | 0.03 | May 27, 2024 | The affected device expose a network service called "rftest" that is vulnerable to unauthenticated command injection on ports TCP/8888, TCP/8889, and TCP/8890. By successfully exploiting this flaw, remote unauthenticated attacker can gain arbitrary command execution on the… | ||
| CVE-2024-5403 | Hig | 0.47 | 7.2 | 0.01 | May 27, 2024 | ASKEY 5G NR Small Cell fails to properly filter user input for certain functionality, allowing remote attackers with administrator privilege to execute arbitrary system commands on the remote server. | ||
| CVE-2024-5400 | Hig | 0.57 | 8.8 | 0.01 | May 27, 2024 | Openfind Mail2000 does not properly filter parameters of specific CGI. Remote attackers with regular privileges can exploit this vulnerability to execute arbitrary system commands on the remote server. | ||
| CVE-2024-4535 | Hig | 0.57 | 8.8 | 0.00 | May 27, 2024 | The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks | ||
| CVE-2024-4531 | Hig | 0.46 | 7.1 | 0.00 | May 27, 2024 | The Business Card WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions such as editing cards via CSRF attacks | ||
| CVE-2024-5399 | Hig | 0.47 | 7.2 | 0.01 | May 27, 2024 | Openfind Mail2000 does not properly filter parameters of specific API. Remote attackers with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the remote server. | ||
| CVE-2024-5384 | Hig | 0.48 | 7.3 | 0.01 | May 27, 2024 | A vulnerability classified as critical was found in SourceCodester Facebook News Feed Like 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument page leads to sql injection. The attack can be initiated remotely. VDB-266302 is the… | ||
| CVE-2024-36054 | Hig | 0.48 | 7.4 | 0.00 | May 26, 2024 | Hw64.sys in Marvin Test HW.exe before 5.0.5.0 allows unprivileged user-mode processes to arbitrarily read kernel memory (and consequently gain all privileges) via IOCTL 0x9c4064b8 (via MmMapIoSpace) and IOCTL 0x9c406490 (via ZwMapViewOfSection). | ||
| CVE-2024-34454 | Hig | 0.48 | 7.4 | 0.00 | May 26, 2024 | Nintendo Wii U OS 5.5.5 allows man-in-the-middle attackers to forge SSL certificates as though they came from a Root CA, because there is a secondary verification mechanism that only checks whether a CA is known and ignores the CA details and signature (and because * is accepted… | ||
| CVE-2024-5377 | Hig | 0.48 | 7.3 | 0.01 | May 26, 2024 | A vulnerability was found in SourceCodester Vehicle Management System 1.0. It has been classified as critical. This affects an unknown part of the file /newvehicle.php. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack… | ||
| CVE-2024-5362 | Hig | 0.48 | 7.3 | 0.01 | May 26, 2024 | A vulnerability classified as critical has been found in SourceCodester Online Hospital Management System 1.0. Affected is an unknown function of the file departmentDoctor.php. The manipulation of the argument deptid leads to sql injection. It is possible to launch the attack… | ||
| CVE-2024-5357 | Hig | 0.47 | 7.3 | 0.00 | May 26, 2024 | A vulnerability has been found in PHPGurukul Zoo Management System 2.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack can be… | ||
| CVE-2024-30056 | Hig | 0.46 | 7.1 | 0.02 | May 25, 2024 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | ||
| CVE-2024-35388 | Hig | 0.57 | 8.8 | 0.03 | May 24, 2024 | TOTOLINK NR1800X v9.1.0u.6681_B20230703 was discovered to contain a stack overflow via the password parameter in the function urldecode | ||
| CVE-2024-33471 | Hig | 0.47 | 7.2 | 0.00 | May 24, 2024 | An issue in the Sensor Settings of AVTECH Room Alert 4E v4.4.0 allows attackers to gain access to SMTP credentials in plaintext via a crafted AJAX request. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | ||
| CVE-2024-35395 | Hig | 0.57 | 8.8 | 0.00 | May 24, 2024 | TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root. |
- risk 0.57cvss 8.8epss 0.01
Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the…
- risk 0.57cvss 8.8epss 0.01
Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the…
- risk 0.57cvss 8.8epss 0.01
Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the…
- risk 0.57cvss 8.8epss 0.01
Multiple improper array index validation vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability concerns the…
- risk 0.51cvss 7.8epss 0.00
An out-of-bounds write vulnerability exists in the readNODE functionality of libigl v2.5.0. A specially crafted .node file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.
- risk 0.53cvss 8.1epss 0.01
An out-of-bounds write vulnerability exists in the PlyFile ply_cast_ascii functionality of libigl v2.5.0. A specially crafted .ply file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
- risk 0.51cvss 7.8epss 0.01
Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities.This vulnerability exists within…
- risk 0.51cvss 7.8epss 0.01
Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities.This vulnerability exists within…
- risk 0.51cvss 7.8epss 0.01
Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities.This vulnerability exists within…
- risk 0.51cvss 7.8epss 0.01
Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities.This vulnerability exists within…
- risk 0.51cvss 7.8epss 0.01
Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp functionality of libigl v2.4.0. A specially-crafted .off file can lead to a buffer overflow. An attacker can arbitrary code execution to trigger these vulnerabilities.This vulnerability exists within…
- risk 0.46cvss 7.1epss 0.00
A vulnerability have been discovered in PhpMyBackupPro affecting version 2.3 that could allow an attacker to execute XSS through /phpmybackuppro/backup.php, 'comments' and 'db' parameters. This vulnerabilities could allow an attacker to create a specially crafted URL and send it…
- risk 0.46cvss 7.1epss 0.00
A vulnerability have been discovered in PhpMyBackupPro affecting version 2.3 that could allow an attacker to execute XSS through /phpmybackuppro/get_file.php, 'view' parameter. This vulnerabilities could allow an attacker to create a specially crafted URL and send it to a victim…
- risk 0.46cvss 7.1epss 0.00
A vulnerability have been discovered in PhpMyBackupPro affecting version 2.3 that could allow an attacker to execute XSS through /phpmybackuppro/scheduled.php, all parameters. This vulnerabilities could allow an attacker to create a specially crafted URL and send it to a victim…
- risk 0.49cvss 7.5epss 0.01
A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service
- risk 0.59cvss 8.8epss 0.23
Missing input validation and OS command integration of the input in the ORing IAP-420 web-interface allows authenticated command injection.This issue affects IAP-420 version 2.01e and below.
- risk 0.51cvss 7.8epss 0.00
Various Issues Due To Exposed SMI Handler in AmdPspP2CmboxV2. The first issue can be leveraged to bypass the protections that have been put in place by previous UEFI phases to prevent direct access to the SPI flash. The second issue can be used to both leak and corrupt SMM…
- risk 0.51cvss 7.8epss 0.00
Various Issues Due To Exposed SMI Handler in AmdPspP2CmboxV2. The first issue can be leveraged to bypass the protections that have been put in place by previous UEFI phases to prevent direct access to the SPI flash. The second issue can be used to both leak and corrupt SMM…
- risk 0.51cvss 7.8epss 0.00
Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26), As the communication buffer size hasn’t been properly validated to be of the expected size, it can partially overlap with the beginning SMRAM.This can be leveraged by a malicious OS attacker to corrupt data structures stored…
- risk 0.51cvss 7.8epss 0.00
Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26) Arbitrary Memory Corruption in SMI Handler of ThisiServicesSmm SMM module. This can be leveraged by a malicious OS attacker to corrupt arbitrary SMRAM memory and, in turn, lead to code execution in SMM
- risk 0.51cvss 7.8epss 0.00
Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26. Memory Corruption in SMI Handler of HddPassword SMM Module. This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in SMM.
- risk 0.47cvss 7.2epss 0.00
Some Huawei smart speakers have a memory overflow vulnerability. Successful exploitation of this vulnerability may cause certain functions to fail.
- risk 0.55cvss 8.4epss 0.01
OS command injection vulnerability exists in UTAU versions prior to v0.4.19. If a user of the product opens a crafted UTAU project file (.ust file), an arbitrary OS command may be executed.
- risk 0.49cvss 7.5epss 0.00
Incorrect permission assignment for critical resource issue exists in MosP kintai kanri V4.6.6 and earlier, which may allow a remote unauthenticated attacker with access to the product to alter the product settings.
- risk 0.53cvss 8.1epss 0.02
OrangeHRM 3.3.3 allows admin/viewProjects sortOrder SQL injection.
- risk 0.49cvss 7.5epss 0.00
In TARGIT Decision Suite 23.2.15007.0 before Autumn 2023, the session token is part of the URL and may be sent in a cleartext HTTP session.
- risk 0.46cvss 8.1epss 0.08
The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses (such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1) are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix…
- risk 0.42cvss 7.5epss 0.01
MIT IdentiBot is an open-source Discord bot written in Node.js that verifies individuals' affiliations with MIT, grants them roles in a Discord server, and stores information about them in a database backend. A vulnerability that exists prior to commit…
- risk 0.49cvss 8.6epss 0.01
rack-contrib provides contributed rack middleware and utilities for Rack, a Ruby web server interface. Versions of rack-contrib prior to 2.5.0 are vulnerable to denial of service due to the fact that the user controlled data `profiler_runs` was not constrained to any limitation.…
- risk 0.47cvss 8.3epss 0.04
OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Prior to version 7.6.0, attackers can exploit a path traversal vulnerability to read and delete files and folders from…
- risk 0.51cvss 7.8epss 0.00
configureNFS in lib/common/functions.sh in FOG through 1.5.10 allows local users to gain privileges by mounting a crafted NFS share (because of no_root_squash and insecure). In order to exploit the vulnerability, someone needs to mount an NFS share in order to add an executable…
- risk 0.46cvss 7.1epss 0.00
RhinOS 3.0-1190 is vulnerable to an XSS via the "tamper" parameter in /admin/lib/phpthumb/phpthumb.php. An attacker could create a malicious URL and send it to a victim to obtain their session details.
- risk 0.46cvss 7.1epss 0.00
Vulnerability in RhinOS 3.0-1190 consisting of an XSS through the "search" parameter of /portal/search.htm. This vulnerability could allow a remote attacker to steal details of a victim's user session by submitting a specially crafted URL.
- risk 0.49cvss 7.5epss 0.00
A heap overflow vulnerability exists in libvpx - Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx. We recommend upgrading to version 1.13.1 or above
- risk 0.57cvss —epss 0.03
The affected device expose a network service called "rftest" that is vulnerable to unauthenticated command injection on ports TCP/8888, TCP/8889, and TCP/8890. By successfully exploiting this flaw, remote unauthenticated attacker can gain arbitrary command execution on the…
- risk 0.47cvss 7.2epss 0.01
ASKEY 5G NR Small Cell fails to properly filter user input for certain functionality, allowing remote attackers with administrator privilege to execute arbitrary system commands on the remote server.
- risk 0.57cvss 8.8epss 0.01
Openfind Mail2000 does not properly filter parameters of specific CGI. Remote attackers with regular privileges can exploit this vulnerability to execute arbitrary system commands on the remote server.
- risk 0.57cvss 8.8epss 0.00
The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
- risk 0.46cvss 7.1epss 0.00
The Business Card WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions such as editing cards via CSRF attacks
- risk 0.47cvss 7.2epss 0.01
Openfind Mail2000 does not properly filter parameters of specific API. Remote attackers with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the remote server.
- risk 0.48cvss 7.3epss 0.01
A vulnerability classified as critical was found in SourceCodester Facebook News Feed Like 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument page leads to sql injection. The attack can be initiated remotely. VDB-266302 is the…
- risk 0.48cvss 7.4epss 0.00
Hw64.sys in Marvin Test HW.exe before 5.0.5.0 allows unprivileged user-mode processes to arbitrarily read kernel memory (and consequently gain all privileges) via IOCTL 0x9c4064b8 (via MmMapIoSpace) and IOCTL 0x9c406490 (via ZwMapViewOfSection).
- risk 0.48cvss 7.4epss 0.00
Nintendo Wii U OS 5.5.5 allows man-in-the-middle attackers to forge SSL certificates as though they came from a Root CA, because there is a secondary verification mechanism that only checks whether a CA is known and ignores the CA details and signature (and because * is accepted…
- risk 0.48cvss 7.3epss 0.01
A vulnerability was found in SourceCodester Vehicle Management System 1.0. It has been classified as critical. This affects an unknown part of the file /newvehicle.php. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack…
- risk 0.48cvss 7.3epss 0.01
A vulnerability classified as critical has been found in SourceCodester Online Hospital Management System 1.0. Affected is an unknown function of the file departmentDoctor.php. The manipulation of the argument deptid leads to sql injection. It is possible to launch the attack…
- risk 0.47cvss 7.3epss 0.00
A vulnerability has been found in PHPGurukul Zoo Management System 2.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack can be…
- risk 0.46cvss 7.1epss 0.02
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
- risk 0.57cvss 8.8epss 0.03
TOTOLINK NR1800X v9.1.0u.6681_B20230703 was discovered to contain a stack overflow via the password parameter in the function urldecode
- risk 0.47cvss 7.2epss 0.00
An issue in the Sensor Settings of AVTECH Room Alert 4E v4.4.0 allows attackers to gain access to SMTP credentials in plaintext via a crafted AJAX request. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
- risk 0.57cvss 8.8epss 0.00
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.