Latest CVE Feed
-
7.8
HIGHCVE-2024-39390
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a vi... Read more
- Published: Aug. 14, 2024
- Modified: Aug. 19, 2024
-
7.8
HIGHCVE-2024-39391
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a vi... Read more
- Published: Aug. 14, 2024
- Modified: Aug. 19, 2024
-
7.8
HIGHCVE-2024-39393
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerabili... Read more
- Published: Aug. 14, 2024
- Modified: Aug. 19, 2024
-
7.8
HIGHCVE-2024-39394
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a vi... Read more
- Published: Aug. 14, 2024
- Modified: Aug. 19, 2024
-
5.5
MEDIUMCVE-2024-39395
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS). An attacker could exploit this vulnerability to crash the application, resulting in ... Read more
- Published: Aug. 14, 2024
- Modified: Aug. 19, 2024
-
8.7
HIGHCVE-2024-39778
When a stateless virtual server is configured on BIG-IP system with a High-Speed Bridge (HSB), undisclosed requests can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.... Read more
Affected Products : big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_domain_name_system big-ip_fraud_protection_service big-ip_global_traffic_manager big-ip_link_controller big-ip_local_traffic_manager +11 more products- Published: Aug. 14, 2024
- Modified: Aug. 19, 2024
-
8.7
HIGHCVE-2024-39792
When the NGINX Plus is configured to use the MQTT pre-read module, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.... Read more
Affected Products : nginx_plus- Published: Aug. 14, 2024
- Modified: Aug. 19, 2024
-
8.9
HIGHCVE-2024-39809
The Central Manager user session refresh token does not expire when a user logs out. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated... Read more
Affected Products : big-ip_next_central_manager- Published: Aug. 14, 2024
- Modified: Aug. 19, 2024
-
7.5
HIGHCVE-2024-39949
A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash.... Read more
- Published: Jul. 31, 2024
- Modified: Aug. 19, 2024
-
7.5
HIGHCVE-2024-39948
A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash.... Read more
- Published: Jul. 31, 2024
- Modified: Aug. 19, 2024
-
6.5
MEDIUMCVE-2024-39947
A vulnerability has been found in Dahua products.After obtaining the ordinary user's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing the device to crash.... Read more
- Published: Jul. 31, 2024
- Modified: Aug. 19, 2024
-
7.8
HIGHCVE-2024-39389
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in th... Read more
- Published: Aug. 14, 2024
- Modified: Aug. 19, 2024
-
7.2
HIGHCVE-2024-39946
A vulnerability has been found in Dahua products.After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing device initialization.... Read more
- Published: Jul. 31, 2024
- Modified: Aug. 19, 2024
-
6.9
MEDIUMCVE-2024-7912
A vulnerability was found in CodeAstro Online Railway Reservation System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/assets/. The manipulation leads to exposure of information through directory list... Read more
Affected Products : online_railway_reservation_system- Published: Aug. 18, 2024
- Modified: Aug. 19, 2024
-
9.8
CRITICALCVE-2024-39950
A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities to initiate device initialization.... Read more
- Published: Jul. 31, 2024
- Modified: Aug. 19, 2024
-
9.8
CRITICALCVE-2024-7913
A vulnerability was found in itsourcecode Billing System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /addclient1.php. The manipulation of the argument lname/fname/mi/address/contact/meterReader leads to sql i... Read more
Affected Products : billing_system- Published: Aug. 18, 2024
- Modified: Aug. 19, 2024
-
5.4
MEDIUMCVE-2024-7914
A vulnerability classified as problematic has been found in SourceCodester Yoga Class Registration System 1.0. Affected is an unknown function of the file /php-ycrs/classes/SystemSettings.php. The manipulation of the argument address leads to cross site s... Read more
- Published: Aug. 18, 2024
- Modified: Aug. 19, 2024
-
7.5
HIGHCVE-2024-39944
A vulnerability has been found in Dahua products.Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash.... Read more
- Published: Jul. 31, 2024
- Modified: Aug. 19, 2024
-
9.0
HIGHCVE-2024-7832
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 ... Read more
Affected Products : dns-320_firmware dnr-322l_firmware dns-320l_firmware dns-320l dns-120_firmware dns-120 dnr-202l_firmware dnr-202l dns-315l_firmware dns-315l +30 more products- Published: Aug. 15, 2024
- Modified: Aug. 19, 2024
-
9.8
CRITICALCVE-2024-7833
A vulnerability was found in D-Link DI-8100 16.07. It has been classified as critical. This affects the function upgrade_filter_asp of the file upgrade_filter.asp. The manipulation of the argument path leads to command injection. It is possible to initiat... Read more
- Published: Aug. 15, 2024
- Modified: Aug. 19, 2024