Latest CVE Feed
-
0.0
NACVE-2024-56676
In the Linux kernel, the following vulnerability has been resolved: thermal: testing: Initialize some variables annoteded with _free() Variables annotated with __free() need to be initialized if the function can return before they get updated for the fi... Read more
Affected Products : linux_kernel- Published: Dec. 28, 2024
- Modified: Dec. 28, 2024
-
8.1
HIGHCVE-2023-52718
A connection hijacking vulnerability exists in some Huawei home routers. Successful exploitation of this vulnerability may cause DoS or information leakage.(Vulnerability ID:HWPSIRT-2023-34408) This vulnerability has been assigned a (CVE)ID:CVE-2023-5271... Read more
Affected Products : ws7206-10_firmware ws7206-10 pt9030-15_firmware pt9030-15 ws7290-15_firmware ws7290-15 ws8000-10_firmware ws8000-10 ws8001-10_firmware ws8001-10 +8 more products- Published: Dec. 28, 2024
- Modified: Jan. 13, 2025
-
8.1
HIGHCVE-2023-7266
Some Huawei home routers have a connection hijacking vulnerability. Successful exploitation of this vulnerability may cause DoS or information leakage.(Vulnerability ID:HWPSIRT-2023-76605) This vulnerability has been assigned a (CVE)ID:CVE-2023-7266... Read more
Affected Products : ws7200-10_firmware ws7200-10 tc7001-10_firmware tc7001-10 ws7206-10_firmware ws7206-10- Published: Dec. 28, 2024
- Modified: Jan. 13, 2025
-
7.3
HIGHCVE-2023-7263
Some Huawei home music system products have a path traversal vulnerability. Successful exploitation of this vulnerability may cause unauthorized file deletion or file permission change.(Vulnerability ID:HWPSIRT-2023-53450) This vulnerability has been ass... Read more
Affected Products :- Published: Dec. 28, 2024
- Modified: Dec. 28, 2024
-
4.0
MEDIUMCVE-2022-48470
Huawei HiLink AI Life product has an identity authentication bypass vulnerability. Successful exploitation of this vulnerability may allow attackers to access restricted functions.(Vulnerability ID:HWPSIRT-2022-42291) This vulnerability has been assigned... Read more
Affected Products :- Published: Dec. 28, 2024
- Modified: Dec. 28, 2024
-
7.8
HIGHCVE-2021-37000
Some Huawei wearables have a permission management vulnerability.... Read more
Affected Products : harmonyos- Published: Dec. 28, 2024
- Modified: Mar. 18, 2025
-
7.5
HIGHCVE-2021-22484
Some Huawei wearables have a vulnerability of not verifying the actual data size when reading data. Successful exploitation of this vulnerability may cause a server out of memory (OOM).... Read more
Affected Products : harmonyos- Published: Dec. 28, 2024
- Modified: Mar. 18, 2025
-
5.3
MEDIUMCVE-2020-1824
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet... Read more
- Published: Dec. 28, 2024
- Modified: Jan. 13, 2025
-
5.3
MEDIUMCVE-2020-1823
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet... Read more
- Published: Dec. 28, 2024
- Modified: Jan. 13, 2025
-
5.3
MEDIUMCVE-2020-1822
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet... Read more
- Published: Dec. 28, 2024
- Modified: Jan. 13, 2025
-
5.3
MEDIUMCVE-2020-1821
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet... Read more
- Published: Dec. 28, 2024
- Modified: Jan. 13, 2025
-
5.3
MEDIUMCVE-2020-1820
There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet... Read more
- Published: Dec. 28, 2024
- Modified: Jan. 13, 2025
-
7.8
HIGHCVE-2024-46973
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.... Read more
Affected Products : ddk- Published: Dec. 28, 2024
- Modified: Dec. 28, 2024
-
7.8
HIGHCVE-2024-46972
Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger use-after-free kernel exceptions.... Read more
Affected Products : ddk- Published: Dec. 28, 2024
- Modified: Mar. 13, 2025
-
7.8
HIGHCVE-2024-43705
Software installed and run as a non-privileged user can trigger the GPU kernel driver to write to arbitrary read-only system files that have been mapped into application memory.... Read more
Affected Products : ddk- Published: Dec. 28, 2024
- Modified: Dec. 28, 2024
-
4.8
MEDIUMCVE-2024-54775
Dcat-Admin v2.2.0-beta and v2.2.2-beta contains a Cross-Site Scripting (XSS) vulnerability via /admin/auth/menu and /admin/auth/extensions.... Read more
Affected Products : dcat_admin- Published: Dec. 27, 2024
- Modified: Apr. 22, 2025
-
4.8
MEDIUMCVE-2024-54774
Dcat Admin v2.2.0-beta contains a cross-site scripting (XSS) vulnerability in /admin/articles/create.... Read more
Affected Products : dcat_admin- Published: Dec. 27, 2024
- Modified: Apr. 21, 2025
-
7.5
HIGHCVE-2024-50714
A Server-Side Request Forgery (SSRF) in smarts-srl.com Smart Agent v.1.1.0 allows a remote attacker to obtain sensitive information via a crafted script to the /FB/getFbVideoSource.php component.... Read more
Affected Products :- Published: Dec. 27, 2024
- Modified: Dec. 28, 2024
-
9.8
CRITICALCVE-2024-50717
SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote attacker to execute arbitrary code via the client parameter in the /recuperaLog.php component.... Read more
Affected Products : smart_agent- Published: Dec. 27, 2024
- Modified: Apr. 18, 2025
-
9.8
CRITICALCVE-2024-50716
SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote attacker to execute arbitrary code via the id parameter in the /sendPushManually.php component.... Read more
Affected Products : smart_agent- Published: Dec. 27, 2024
- Modified: Apr. 21, 2025