Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-32652 |
The adapter @hono/node-server allows you to run your Hono application on Node.js. Prior to 1.10.1, the application hangs when receiving a Host header with a value that `@hono/node-server` can't handle well. Invalid values are those that cannot be parsed by the `URL` as a hostname such as an empty string, slashes `/`, and other strings. The version 1.10.1 includes the fix for this issue. Published: April 19, 2024; 3:15:07 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31450 |
Owncast is an open source, self-hosted, decentralized, single user live video streaming and chat server. The Owncast application exposes an administrator API at the URL /api/admin. The emoji/delete endpoint of said API allows administrators to delete custom emojis, which are saved on disk. The parameter name is taken from the JSON request and directly appended to the filepath that points to the emoji to delete. By using path traversal sequences (../), attackers with administrative privileges can exploit this endpoint to delete arbitrary files on the system, outside of the emoji directory. This vulnerability is fixed in 0.1.3. Published: April 19, 2024; 3:15:06 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-3979 |
A vulnerability, which was classified as problematic, has been found in COVESA vsomeip up to 3.4.10. Affected by this issue is some unknown functionality. The manipulation leads to race condition. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-261596. Published: April 19, 2024; 2:15:08 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31547 |
Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/item/view_item.php. Published: April 19, 2024; 2:15:08 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31546 |
Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/damage/view_damage.php. Published: April 19, 2024; 2:15:08 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-47435 |
An issue in the verifyPassword function of hexo-theme-matery v2.0.0 allows attackers to bypass authentication and access password protected pages. Published: April 19, 2024; 2:15:08 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31552 |
CuteHttpFileServer v.3.1 version has an arbitrary file download vulnerability, which allows attackers to download arbitrary files on the server and obtain sensitive information. Published: April 19, 2024; 1:15:54 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-2440 |
A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on a detached repository by making a GraphQL mutation to alter repository permissions while the repository is detached. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.13 and was fixed in versions 3.9.13, 3.10.10, 3.11.8 and 3.12.1. This vulnerability was reported via the GitHub Bug Bounty program. Published: April 19, 2024; 1:15:54 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29991 |
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Published: April 19, 2024; 1:15:54 PM -0400 |
V3.1: 5.0 MEDIUM V2.0:(not available) |
CVE-2023-51798 |
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point exception (FPE) error at libavfilter/vf_minterpolate.c:1078:60 in interpolate. Published: April 19, 2024; 1:15:52 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-51797 |
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showwaves.c:722:24 in showwaves_filter_frame Published: April 19, 2024; 1:15:52 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-51796 |
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/f_reverse.c:269:26 in areverse_request_frame. Published: April 19, 2024; 1:15:52 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-51795 |
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showspectrum.c:1789:52 component in showspectrumpic_request_frame Published: April 19, 2024; 1:15:52 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-51793 |
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.c:353:9 in image_copy_plane. Published: April 19, 2024; 1:15:52 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-51792 |
Buffer Overflow vulnerability in libde265 v1.0.12 allows a local attacker to cause a denial of service via the allocation size exceeding the maximum supported size of 0x10000000000. Published: April 19, 2024; 1:15:52 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-51791 |
Buffer Overflow vulenrability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavcodec/jpegxl_parser.c in gen_alias_map. Published: April 19, 2024; 1:15:52 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-50010 |
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the set_encoder_id function in /fftools/ffmpeg_enc.c component. Published: April 19, 2024; 1:15:52 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-50009 |
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_gaussian_blur_8 function in libavfilter/edge_template.c:116:5 component. Published: April 19, 2024; 1:15:52 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-50008 |
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the av_malloc function in libavutil/mem.c:105:9 component. Published: April 19, 2024; 1:15:52 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-50007 |
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via theav_samples_set_silence function in thelibavutil/samplefmt.c:260:9 component. Published: April 19, 2024; 1:15:51 PM -0400 |
V3.x:(not available) V2.0:(not available) |