Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-3914 |
Use after free in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Published: April 17, 2024; 2:15:16 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32161 |
jizhiCMS 2.5 suffers from a File upload vulnerability. Published: April 17, 2024; 2:15:16 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30988 |
Cross Site Scripting vulnerability in /search-invoices.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the Search bar. Published: April 17, 2024; 2:15:16 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30987 |
Cross Site Scripting vulnerability in /bwdates-reports-ds.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and obtain sensitive information via the fromdate and todate parameters. Published: April 17, 2024; 2:15:16 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30986 |
Cross Site Scripting vulnerability in /edit-services-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code and via "price" and "sname" parameter. Published: April 17, 2024; 2:15:16 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30985 |
SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "todate" and "fromdate" parameters. Published: April 17, 2024; 2:15:16 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30982 |
SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the upid parameter in the /view-user-detail.php file. Published: April 17, 2024; 2:15:16 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30951 |
FUDforum v3.1.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the chpos parameter at /adm/admsmiley.php. Published: April 17, 2024; 2:15:15 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-2961 |
The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable. Published: April 17, 2024; 2:15:15 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30983 |
SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the compname parameter in /edit-computer-detail.php file. Published: April 17, 2024; 1:15:15 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30981 |
SQL Injection vulnerability in /edit-computer-detail.php in phpgurukul Cyber Cafe Management System Using PHP & MySQL v1.0 allows attackers to run arbitrary SQL commands via editid in the application URL. Published: April 17, 2024; 1:15:15 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30980 |
SQL Injection vulnerability in phpgurukul Cyber Cafe Management System Using PHP & MySQL 1.0 allows attackers to run arbitrary SQL commands via the Computer Location parameter in manage-computer.php page. Published: April 17, 2024; 1:15:15 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-28073 |
SolarWinds Serv-U was found to be susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability requires a highly privileged account to be exploited. Published: April 17, 2024; 1:15:14 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-5407 |
Controller denial of service due to improper handling of a specially crafted message received by the controller. See Honeywell Security Notification for recommendations on upgrading and versioning. Published: April 17, 2024; 1:15:14 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-5406 |
Server communication with a controller can lead to remote code execution using a specially crafted message from the controller. See Honeywell Security Notification for recommendations on upgrading and versioning. Published: April 17, 2024; 1:15:14 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-5405 |
Server information leak for the CDA Server process memory can occur when an error is generated in response to a specially crafted message. See Honeywell Security Notification for recommendations on upgrading and versioning. Published: April 17, 2024; 1:15:14 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-5404 |
Server receiving a malformed message can cause a pointer to be overwritten which can result in a remote code execution or failure. See Honeywell Security Notification for recommendations on upgrading and versioning. Published: April 17, 2024; 1:15:14 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-5403 |
Server hostname translation to IP address manipulation which could lead to an attacker performing remote code execution or causing a failure. See Honeywell Security Notification for recommendations on upgrading and versioning. Published: April 17, 2024; 1:15:13 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-5401 |
Server receiving a malformed message based on a using the specified key values can cause a stack overflow vulnerability which could lead to an attacker performing remote code execution or causing a failure. See Honeywell Security Notification for recommendations on upgrading and versioning. Published: April 17, 2024; 1:15:13 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-5400 |
Server receiving a malformed message based on a using the specified key values can cause a heap overflow vulnerability which could lead to an attacker performing remote code execution or causing a failure. See Honeywell Security Notification for recommendations on upgrading and versioning. Published: April 17, 2024; 1:15:13 PM -0400 |
V3.x:(not available) V2.0:(not available) |