Latest CVE Feed
-
8.2
HIGH CVE-2024-43365
Cacti is an open source performance and fault management framework. The `consolenewsection` parameter is not properly sanitized when saving external links in links.php. Moreover, the said consolenewsection parameter is stored in the database and reflected ...
Affected Products: cacti
- Published: Oct. 07, 2024
- Modified: Oct. 16, 2024
-
8.8
HIGH CVE-2024-45291
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. It's possible for an attacker to construct an XLSX file that links images from arbitrary paths. When embedding images has been enabled in HTML writer with `$writer->setEmbedIm...
- Published: Oct. 07, 2024
- Modified: Oct. 16, 2024
-
9.8
CRITICAL CVE-2024-46532
SQL Injection vulnerability in OpenHIS v.1.0 allows an attacker to execute arbitrary code via the refund function in the PayController.class.php component.
- Published: Oct. 11, 2024
- Modified: Oct. 16, 2024
-
9.8
CRITICAL CVE-2024-10018
Improper permission control in the mobile application (com.transsion.aivoiceassistant) can lead to the launch of any unexported component.
- Published: Oct. 16, 2024
- Modified: Oct. 16, 2024
-
8.4
HIGH CVE-2024-38399
Memory corruption while processing user packets to generate page faults.
Affected Products: qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware sa8295p_firmware wcd9380_firmware wsa8810_firmware +70 more products
- Published: Oct. 07, 2024
- Modified: Oct. 16, 2024
-
7.3
HIGH CVE-2024-47194
A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3). vish2.exe in affected applications allows a specific DLL file to be loaded from the current working directory. This could allow an authenticated loc...
- Published: Oct. 08, 2024
- Modified: Oct. 16, 2024
-
7.3
HIGH CVE-2024-47195
A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3). gdb.exe in affected applications allows a specific executable file to be loaded from the current working directory. This could allow an authenticate...
- Published: Oct. 08, 2024
- Modified: Oct. 16, 2024
-
7.8
HIGH CVE-2024-8422
CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when an application user opens a malicious Zelio Soft 2 project file.
Affected Products: zelio_soft_2
- Published: Oct. 08, 2024
- Modified: Oct. 16, 2024
-
8.7
HIGH CVE-2024-8215
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Payara Platform Payara Server (Admin Console modules) allows Remote Code Inclusion. This issue affects Payara Server: from 5.20.0 before 5.68.0, fr...
Affected Products: payara
- Published: Oct. 08, 2024
- Modified: Oct. 16, 2024
-
6.7
MEDIUM CVE-2024-37976
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
Affected Products: windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_21h2 windows_11_22h2 +7 more products
- Published: Oct. 08, 2024
- Modified: Oct. 16, 2024
-
8.8
HIGH
- Published: Oct. 07, 2024
- Modified: Oct. 16, 2024
-
8.8
HIGH
- Published: Oct. 07, 2024
- Modified: Oct. 16, 2024
-
5.5
MEDIUM CVE-2024-45382
OpenHarmony v4.1.0 and prior versions allow a local attacker to cause a DoS through an out-of-bounds write.
Affected Products: openharmony
- Published: Oct. 08, 2024
- Modified: Oct. 16, 2024
-
7.8
HIGH CVE-2024-37982
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
Affected Products: windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_21h2 windows_11_22h2 +7 more products
- Published: Oct. 08, 2024
- Modified: Oct. 16, 2024
-
5.5
MEDIUM CVE-2024-43697
OpenHarmony v4.1.0 and prior versions allow a local attacker to cause a DoS through improper input.
Affected Products: openharmony
- Published: Oct. 08, 2024
- Modified: Oct. 16, 2024
-
7.8
HIGH CVE-2024-37979
Windows Kernel Elevation of Privilege Vulnerability
- Published: Oct. 08, 2024
- Modified: Oct. 16, 2024
-
5.5
MEDIUM CVE-2024-43696
OpenHarmony v4.1.0 and prior versions allow a local attacker to cause a DoS by a memory leak.
Affected Products: openharmony
- Published: Oct. 08, 2024
- Modified: Oct. 16, 2024
-
9.8
CRITICAL
- Published: Oct. 07, 2024
- Modified: Oct. 16, 2024
-
6.1
MEDIUM CVE-2024-38425
Information disclosure while sending implicit broadcast containing APP launch information.
Affected Products: wcd9380_firmware wsa8830_firmware wsa8835_firmware snapdragon_662_mobile_platform_firmware fastconnect_6900_firmware fastconnect_7800_firmware snapdragon_4_gen_1_mobile_platform_firmware snapdragon_480_5g_mobile_platform_firmware snapdragon_680_4g_mobile_platform_firmware snapdragon_695_5g_mobile_platform_firmware +38 more products
- Published: Oct. 07, 2024
- Modified: Oct. 16, 2024
-
9.8
CRITICAL
- Published: Oct. 07, 2024
- Modified: Oct. 16, 2024