Latest CVE Feed
-
6.7
MEDIUMCVE-2024-12510
If LDAP settings are accessed, authentication could be redirected to another server, potentially exposing credentials. This requires admin access and an active LDAP setup.... Read more
Affected Products :- Published: Feb. 03, 2025
- Modified: Feb. 03, 2025
- Vuln Type: Authentication
-
6.3
MEDIUMCVE-2025-24898
rust-openssl is a set of OpenSSL bindings for the Rust programming language. In affected versions `ssl::select_next_proto` can return a slice pointing into the `server` argument's buffer but with a lifetime bound to the `client` argument. In situations wh... Read more
- Published: Feb. 03, 2025
- Modified: Feb. 11, 2025
- Vuln Type: Memory Corruption
-
4.2
MEDIUMCVE-2024-57967
PVWA (Password Vault Web Access) in CyberArk Privileged Access Manager Self-Hosted before 14.4 has potentially elevated privileges in LDAP mapping.... Read more
Affected Products : privileged_access_manager- Published: Feb. 03, 2025
- Modified: Feb. 03, 2025
- Vuln Type: Authorization
-
5.4
MEDIUMCVE-2024-57175
A Stored Cross-Site Scripting (XSS) vulnerability was identified in the PHPGURUKUL Online Birth Certificate System v1.0 via the profile name to /user/certificate-form.php.... Read more
Affected Products : online_birth_certificate_system- Published: Feb. 03, 2025
- Modified: Mar. 28, 2025
- Vuln Type: Cross-Site Scripting
-
7.2
HIGHCVE-2024-56161
Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV... Read more
Affected Products :- Published: Feb. 03, 2025
- Modified: Apr. 02, 2025
- Vuln Type: Misconfiguration
-
6.1
MEDIUMCVE-2024-54840
PVWA (Password Vault Web Access) in CyberArk Privileged Access Manager Self-Hosted before 14.4 does not properly address environment issues that can contribute to Host header injection.... Read more
Affected Products : privileged_access_manager- Published: Feb. 03, 2025
- Modified: Mar. 14, 2025
- Vuln Type: Misconfiguration
-
6.1
MEDIUMCVE-2024-53943
An issue was discovered in NRadio N8-180 NROS-1.9.2.n3.c5 devices. The /cgi-bin/luci/nradio/basic/radio endpoint is vulnerable to XSS via the 2.4 GHz and 5 GHz name parameters, allowing an attacker to execute JavaScript within the context of the current u... Read more
Affected Products :- Published: Feb. 03, 2025
- Modified: Feb. 05, 2025
- Vuln Type: Cross-Site Scripting
-
4.8
MEDIUMCVE-2024-53942
An issue was discovered on NRadio N8-180 NROS-1.9.2.n3.c5 devices. The /cgi-bin/luci/nradio/basic/radio endpoint is vulnerable to command injection via the 2.4 GHz and 5 GHz name parameters, allowing a remote attacker to execute arbitrary OS commands on t... Read more
Affected Products :- Published: Feb. 03, 2025
- Modified: Mar. 18, 2025
- Vuln Type: Injection
-
6.5
MEDIUMCVE-2024-36437
The com.enflick.android.TextNow (aka TextNow: Call + Text Unlimited) application 24.17.0.2 for Android enables any installed application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.enflick.an... Read more
Affected Products :- Published: Feb. 03, 2025
- Modified: Feb. 05, 2025
- Vuln Type: Authorization
-
6.5
MEDIUMCVE-2024-55456
lunasvg v3.0.1 was discovered to contain a segmentation violation via the component gray_find_cell... Read more
Affected Products : lunasvg- Published: Feb. 03, 2025
- Modified: Apr. 15, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-49843
Memory corruption while processing IOCTL from user space to handle GPU AHB bus error.... Read more
Affected Products : qca6391_firmware sw5100_firmware sw5100p_firmware wcd9380_firmware wcd9385_firmware wcn3980_firmware wcn3988_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware +94 more products- Published: Feb. 03, 2025
- Modified: Feb. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-49840
Memory corruption while Invoking IOCTL calls from user-space to validate FIPS encryption or decryption functionality.... Read more
Affected Products : wcd9380_firmware wcd9385_firmware fastconnect_6900_firmware fastconnect_7800_firmware qcc2073_firmware qcc2076_firmware wsa8840_firmware wsa8845_firmware wsa8845h_firmware wcd9380 +10 more products- Published: Feb. 03, 2025
- Modified: Feb. 05, 2025
- Vuln Type: Memory Corruption
-
9.8
CRITICALCVE-2024-49839
Memory corruption during management frame processing due to mismatch in T2LM info element.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware sa8295p_firmware wcd9380_firmware +366 more products- Published: Feb. 03, 2025
- Modified: Aug. 11, 2025
- Vuln Type: Memory Corruption
-
8.2
HIGHCVE-2024-49838
Information disclosure while parsing the OCI IE with invalid length.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware +328 more products- Published: Feb. 03, 2025
- Modified: Feb. 05, 2025
- Vuln Type: Information Disclosure
-
7.8
HIGHCVE-2024-49837
Memory corruption while reading CPU state data during guest VM suspend.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa8295p_firmware qca6595_firmware qca6698aq_firmware sa8540p_firmware sa9000p_firmware qam8255p_firmware +42 more products- Published: Feb. 03, 2025
- Modified: Feb. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-49834
Memory corruption while power-up or power-down sequence of the camera sensor.... Read more
Affected Products : qca6391_firmware qca6595au_firmware sd_8_gen1_5g_firmware sw5100_firmware sw5100p_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wcn3980_firmware wcn3988_firmware +244 more products- Published: Feb. 03, 2025
- Modified: Feb. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-49833
Memory corruption can occur in the camera when an invalid CID is used.... Read more
Affected Products : qca6595au_firmware sd_8_gen1_5g_firmware wcd9380_firmware wcd9385_firmware wcn3988_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware wsa8835_firmware qca6595_firmware +150 more products- Published: Feb. 03, 2025
- Modified: Feb. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-49832
Memory corruption in Camera due to unusually high number of nodes passed to AXI port.... Read more
Affected Products : wcd9380_firmware wsa8830_firmware wsa8835_firmware qcs6490_firmware wsa8832_firmware wcn3660b_firmware fastconnect_6900_firmware fastconnect_7800_firmware sdm429w_firmware wcn3620_firmware +40 more products- Published: Feb. 03, 2025
- Modified: Feb. 05, 2025
-
7.8
HIGHCVE-2024-45584
Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware sa8295p_firmware sw5100_firmware +238 more products- Published: Feb. 03, 2025
- Modified: Feb. 05, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-45582
Memory corruption while validating number of devices in Camera kernel .... Read more
Affected Products : wcd9380_firmware wcd9385_firmware wsa8830_firmware wsa8835_firmware qcs6490_firmware wcd9370_firmware wcd9375_firmware wsa8832_firmware fastconnect_6900_firmware fastconnect_7800_firmware +58 more products- Published: Feb. 03, 2025
- Modified: Feb. 05, 2025
- Vuln Type: Memory Corruption