Search Results (Refine Search)
- Search Type: Search Last 3 Months
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-33294 |
An issue in Library System using PHP/MySQli with Source Code V1.0 allows a remote attacker to execute arbitrary code via the _FAILE variable in the student_edit_photo.php component. Published: May 06, 2024; 11:15:23 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2024-33113 |
D-LINK DIR-845L <=v1.01KRb03 is vulnerable to Information disclosurey via bsc_sms_inbox.php. Published: May 06, 2024; 11:15:23 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2024-33112 |
D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Command injection via the hnap_main()func. Published: May 06, 2024; 11:15:23 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2024-33111 |
D-Link DIR-845L router <=v1.01KRb03 is vulnerable to Cross Site Scripting (XSS) via /htdocs/webinc/js/bsc_sms_inbox.php. Published: May 06, 2024; 11:15:23 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2024-33110 |
D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Permission Bypass via the getcfg.php component. Published: May 06, 2024; 11:15:23 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2024-32982 |
Litestar and Starlite is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to 2.8.3, 2.7.2, and 2.6.4, a Local File Inclusion (LFI) vulnerability has been discovered in the static file serving component of LiteStar. This vulnerability allows attackers to exploit path traversal flaws, enabling unauthorized access to sensitive files outside the designated directories. Such access can lead to the disclosure of sensitive information or potentially compromise the server. The vulnerability is located in the file path handling mechanism within the static content serving function, specifically at `litestar/static_files/base.py`. This vulnerability is fixed in versions 2.8.3, 2.7.2, and 2.6.4. Published: May 06, 2024; 11:15:23 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2024-32972 |
go-ethereum (geth) is a golang execution layer implementation of the Ethereum protocol. Prior to 1.13.15, a vulnerable node can be made to consume very large amounts of memory when handling specially crafted p2p messages sent from an attacker node. The fix has been included in geth version `1.13.15` and onwards. Published: May 06, 2024; 11:15:23 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2024-23354 |
Memory corruption when the IOCTL call is interrupted by a signal. Published: May 06, 2024; 11:15:22 AM -0400 |
V4.0:(not available) V3.1: 8.4 HIGH V2.0:(not available) |
CVE-2024-23351 |
Memory corruption as GPU registers beyond the last protected range can be accessed through LPAC submissions. Published: May 06, 2024; 11:15:22 AM -0400 |
V4.0:(not available) V3.1: 8.4 HIGH V2.0:(not available) |
CVE-2024-21480 |
Memory corruption while playing audio file having large-sized input buffer. Published: May 06, 2024; 11:15:22 AM -0400 |
V4.0:(not available) V3.1: 7.3 HIGH V2.0:(not available) |
CVE-2024-21477 |
Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame. Published: May 06, 2024; 11:15:22 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0:(not available) |
CVE-2024-21476 |
Memory corruption when the channel ID passed by user is not validated and further used. Published: May 06, 2024; 11:15:22 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2024-21475 |
Memory corruption when the payload received from firmware is not as per the expected protocol size. Published: May 06, 2024; 11:15:21 AM -0400 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2024-21474 |
Memory corruption when size of buffer from previous call is used without validation or re-initialization. Published: May 06, 2024; 11:15:21 AM -0400 |
V4.0:(not available) V3.1: 8.4 HIGH V2.0:(not available) |
CVE-2024-21471 |
Memory corruption when IOMMU unmap of a GPU buffer fails in Linux. Published: May 06, 2024; 11:15:21 AM -0400 |
V4.0:(not available) V3.1: 8.4 HIGH V2.0:(not available) |
CVE-2023-43531 |
Memory corruption while verifying the serialized header when the key pairs are generated. Published: May 06, 2024; 11:15:21 AM -0400 |
V4.0:(not available) V3.1: 8.4 HIGH V2.0:(not available) |
CVE-2023-43530 |
Memory corruption in HLOS while checking for the storage type. Published: May 06, 2024; 11:15:21 AM -0400 |
V4.0:(not available) V3.1: 5.9 MEDIUM V2.0:(not available) |
CVE-2023-43529 |
Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received. Published: May 06, 2024; 11:15:20 AM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-43528 |
Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size. Published: May 06, 2024; 11:15:20 AM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-43527 |
Information disclosure while parsing dts header atom in Video. Published: May 06, 2024; 11:15:20 AM -0400 |
V4.0:(not available) V3.1: 6.8 MEDIUM V2.0:(not available) |