Latest CVE Feed
-
5.5
MEDIUMCVE-2024-50148
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: fix wild-memory-access in proto_unregister There's issue as follows: KASAN: maybe wild-memory-access in range [0xdead...108-0xdead...10f] CPU: 3 UID: 0 PID: 2805 Co... Read more
Affected Products : linux_kernel- Published: Nov. 07, 2024
- Modified: Nov. 18, 2024
-
5.5
MEDIUMCVE-2024-50147
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix command bitmask initialization Command bitmask have a dedicated bit for MANAGE_PAGES command, this bit isn't Initialize during command bitmask Initialization, only during ... Read more
Affected Products : linux_kernel- Published: Nov. 07, 2024
- Modified: Nov. 18, 2024
-
5.5
MEDIUMCVE-2024-50144
In the Linux kernel, the following vulnerability has been resolved: drm/xe: fix unbalanced rpm put() with fence_fini() Currently we can call fence_fini() twice if something goes wrong when sending the GuC CT for the tlb request, since we signal the fenc... Read more
Affected Products : linux_kernel- Published: Nov. 07, 2024
- Modified: Nov. 18, 2024
-
7.8
HIGHCVE-2024-49019
Active Directory Certificate Services Elevation of Privilege Vulnerability... Read more
- Published: Nov. 12, 2024
- Modified: Nov. 18, 2024
-
8.8
HIGHCVE-2024-43627
Windows Telephony Service Remote Code Execution Vulnerability... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Nov. 12, 2024
- Modified: Nov. 18, 2024
-
8.8
HIGHCVE-2024-43628
Windows Telephony Service Remote Code Execution Vulnerability... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +10 more products- Published: Nov. 12, 2024
- Modified: Nov. 18, 2024
-
7.2
HIGHCVE-2024-50972
A SQL injection vulnerability in printtool.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the borrow_id parameter.... Read more
Affected Products : construction_management_system- Published: Nov. 13, 2024
- Modified: Nov. 18, 2024
-
7.2
HIGHCVE-2024-50971
A SQL injection vulnerability in print.php of Itsourcecode Construction Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the map_id parameter.... Read more
Affected Products : construction_management_system- Published: Nov. 13, 2024
- Modified: Nov. 18, 2024
-
8.8
HIGHCVE-2024-50970
A SQL injection vulnerability in orderview1.php of Itsourcecode Online Furniture Shopping Project 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.... Read more
Affected Products : online_furniture_shopping_project- Published: Nov. 13, 2024
- Modified: Nov. 18, 2024
-
5.4
MEDIUMCVE-2024-42834
A stored cross-site scripting (XSS) vulnerability in the Create Customer API in Incognito Service Activation Center (SAC) UI v14.11 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the lastName p... Read more
Affected Products :- Published: Nov. 13, 2024
- Modified: Nov. 18, 2024
-
7.8
HIGHCVE-2024-49028
Microsoft Excel Remote Code Execution Vulnerability... Read more
- Published: Nov. 12, 2024
- Modified: Nov. 18, 2024
-
7.8
HIGHCVE-2024-49031
Microsoft Office Graphics Remote Code Execution Vulnerability... Read more
- Published: Nov. 12, 2024
- Modified: Nov. 18, 2024
-
7.8
HIGHCVE-2024-49032
Microsoft Office Graphics Remote Code Execution Vulnerability... Read more
- Published: Nov. 12, 2024
- Modified: Nov. 18, 2024
-
5.3
MEDIUMCVE-2024-11102
A vulnerability was found in SourceCodester Hospital Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /vm/doctor/edit-doc.php. The manipulation of the argument name leads to cross si... Read more
Affected Products : hospital_management_system- Published: Nov. 12, 2024
- Modified: Nov. 18, 2024
-
7.8
HIGHCVE-2024-48837
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Comm... Read more
Affected Products : smartfabric_os10- Published: Nov. 12, 2024
- Modified: Nov. 18, 2024
-
7.8
HIGHCVE-2024-50209
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Add a check for memory allocation __alloc_pbl() can return error when memory allocation fails. Driver is not checking the status on one of the instances.... Read more
Affected Products : linux_kernel- Published: Nov. 08, 2024
- Modified: Nov. 18, 2024
-
8.8
HIGH- Published: Nov. 12, 2024
- Modified: Nov. 18, 2024
-
5.3
MEDIUMCVE-2024-51037
An issue in kodbox v.1.52.04 and before allows a remote attacker to obtain sensitive information via the captcha feature in the password reset function.... Read more
Affected Products :- Published: Nov. 15, 2024
- Modified: Nov. 18, 2024
-
5.3
MEDIUMCVE-2024-49593
In Advanced Custom Fields (ACF) before 6.3.9 and Secure Custom Fields before 6.3.6.3 (plugins for WordPress), using the Field Group editor to edit one of the plugin's fields can result in execution of a stored XSS payload. NOTE: if you wish to use the WP ... Read more
Affected Products :- Published: Oct. 17, 2024
- Modified: Nov. 18, 2024
-
4.7
MEDIUMCVE-2021-27701
SOCIFI Socifi Guest wifi as SAAS is affected by Cross Site Request Forgery (CSRF) via the Socifi wifi portal. The application does not contain a CSRF token and request validation. An attacker can Add/Modify any random user data by sending a crafted CSRF r... Read more
Affected Products :- Published: Nov. 12, 2024
- Modified: Nov. 18, 2024