Latest CVE Feed
- CVE-2024-48925 (score 0.0, CVSS 3.1)
  Umbraco, a free and open source .NET content management system, has an improper access control issue starting in version 14.0.0 and prior to version 14.3.0. The issue allows low-privilege users to access the webhook API and retrieve information that shoul...
  - Published: Oct. 22, 2024
  - Modified: Oct. 22, 2024
- CVE-2024-9129 (score 0.0, severity NONE)
  In versions of Zend Server 8.5 and prior to version 9.2 a format string injection was discovered. Reported by Dylan Marino...
  - Published: Oct. 22, 2024
  - Modified: Oct. 22, 2024
- CVE-2024-9287 (score 0.0, severity NONE)
  A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (i.e. "source v...
  - Published: Oct. 22, 2024
  - Modified: Oct. 22, 2024
- CVE-2024-10183 (score 0.0, severity NONE)
  A vulnerability in Jamf Pro's Jamf Remote Assist tool allows a local, non-privileged user to escalate their privileges to root on macOS systems.
  - Published: Oct. 22, 2024
  - Modified: Oct. 22, 2024
- CVE-2024-45526 (score 0.0, severity NONE)
  An issue was discovered in OPC Foundation OPCFoundation/UA-.NETStandard through 1.5.374.78. A remote attacker can send requests with invalid credentials and cause the server performance to degrade gradually.
  - Published: Oct. 22, 2024
  - Modified: Oct. 22, 2024
- CVE-2024-48919 (score 0.0, severity NONE)
  Cursor is a code editor built for programming with AI. Prior to Sep 27, 2024, if a user generated a terminal command via Cursor's Terminal Cmd-K/Ctrl-K feature and if the user explicitly imported a malicious web page into the Terminal Cmd-K prompt, an att...
  - Published: Oct. 22, 2024
  - Modified: Oct. 22, 2024
- CVE-2024-10229 (score 0.0, severity NONE)
  Inappropriate implementation in Extensions in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. (Chromium security severity: High)
  - Published: Oct. 22, 2024
  - Modified: Oct. 22, 2024
- CVE-2024-10230 (score 0.0, severity NONE)
  Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
  - Published: Oct. 22, 2024
  - Modified: Oct. 22, 2024
- CVE-2024-10231 (score 0.0, severity NONE)
  Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
  - Published: Oct. 22, 2024
  - Modified: Oct. 22, 2024
- CVE-2024-26519 (score 0.0, severity NONE)
  An issue in Casa Systems NTC-221 version 2.0.99.0 and before allows a remote attacker to execute arbitrary code via a crafted payload to the /www/cgi-bin/nas.cgi component.
  - Published: Oct. 22, 2024
  - Modified: Oct. 22, 2024
- CVE-2024-31029 (score 0.0, severity NONE)
  An issue in the server_handle_regular function of the test_coap_server.c file within the FreeCoAP project allows remote attackers to cause a Denial of Service through specially crafted packets.
  - Published: Oct. 22, 2024
  - Modified: Oct. 22, 2024
- CVE-2024-40493 (score 0.0, severity NONE)
  Null Pointer Dereference in `coap_client_exchange_blockwise2` function in Keith Cullen FreeCoAP 1.0 allows remote attackers to cause a denial of service and potentially execute arbitrary code via a specially crafted CoAP packet that causes `coap_msg_get_p...
  - Published: Oct. 22, 2024
  - Modified: Oct. 22, 2024
- CVE-2024-40494 (score 0.0, severity NONE)
  Buffer Overflow in coap_msg.c in FreeCoAP allows remote attackers to execute arbitrary code or cause a denial of service (stack buffer overflow) via a crafted packet.
  - Published: Oct. 22, 2024
  - Modified: Oct. 22, 2024
- CVE-2024-42643 (score 0.0, severity NONE)
  Integer Overflow in fast_ping.c in SmartDNS Release46 allows remote attackers to cause a Denial of Service via misaligned memory access.
  - Published: Oct. 22, 2024
  - Modified: Oct. 22, 2024
- CVE-2024-44331 (score 0.0, severity NONE)
  Incorrect Access Control in GStreamer RTSP server 1.25.0 in gst-rtsp-server/rtsp-media.c allows remote attackers to cause a denial of service via a series of specially crafted hexstream requests.
  - Published: Oct. 22, 2024
  - Modified: Oct. 22, 2024
- CVE-2024-44812 (score 0.0, severity NONE)
  SQL Injection vulnerability in Online Complaint Site v.1.0 allows a remote attacker to escalate privileges via the username and password parameters in the /admin.index.php component.
  - Published: Oct. 22, 2024
  - Modified: Oct. 22, 2024
- CVE-2024-46482 (score 0.0, severity NONE)
  An arbitrary file upload vulnerability in the Ticket Generation function of Ladybird Web Solution Faveo-Helpdesk v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .html or .svg file.
  - Published: Oct. 22, 2024
  - Modified: Oct. 22, 2024
- CVE-2024-46483 (score 0.0, severity NONE)
  Xlight FTP Server <3.9.4.3 has an integer overflow vulnerability in the packet parsing logic of the SFTP server, which can lead to a heap overflow with attacker-controlled content.
  - Published: Oct. 22, 2024
  - Modified: Oct. 22, 2024
- CVE-2024-48415 (score 0.0, severity NONE)
  itsourcecode Loan Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via a crafted payload to the lastname, firstname, middlename, address, contact_no, email and tax_id parameters in new borrowers functionality on the Borrowers page.
  - Published: Oct. 22, 2024
  - Modified: Oct. 22, 2024
- CVE-2024-48644 (score 0.0, severity NONE)
  Accounts enumeration vulnerability in the Login Component of Reolink Duo 2 WiFi Camera (Firmware Version v3.0.0.1889_23031701) allows remote attackers to determine valid user accounts via login attempts. This can lead to the enumeration of user accounts a...
  - Published: Oct. 22, 2024
  - Modified: Oct. 22, 2024