Latest CVE Feed
-
7.1
HIGHCVE-2024-51557
This vulnerability exists in the Wave 2.0 due to missing rate limiting on OTP requests in an API endpoint. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoint which could lead t... Read more
- Published: Nov. 04, 2024
- Modified: Nov. 08, 2024
-
7.1
HIGHCVE-2024-51556
This vulnerability exists in the Wave 2.0 due to insufficient encryption of sensitive data received at the API response. An authenticated remote attacker could exploit this vulnerability by manipulating API input parameters through API request URL/payload... Read more
- Published: Nov. 04, 2024
- Modified: Nov. 22, 2024
-
8.8
HIGHCVE-2024-36485
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to SQL Injection in Technician reports option.... Read more
Affected Products : manageengine_adaudit_plus- Published: Nov. 04, 2024
- Modified: Nov. 07, 2024
-
4.6
MEDIUMCVE-2024-10523
This vulnerability exists in TP-Link IoT Smart Hub due to storage of Wi-Fi credentials in plain text within the device firmware. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the Wi-... Read more
- Published: Nov. 04, 2024
- Modified: Nov. 08, 2024
-
9.8
CRITICALCVE-2024-10035
Improper Control of Generation of Code ('Code Injection') vulnerability in BG-TEK Informatics Security Technologies CoslatV3 allows Command Injection.This issue affects CoslatV3: through 3.1069. NOTE: The vendor was contacted and it was learned that t... Read more
Affected Products : coslat- Published: Nov. 04, 2024
- Modified: Nov. 08, 2024
-
9.1
CRITICALCVE-2024-51661
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in David Lingren Media Library Assistant allows Command Injection.This issue affects Media Library Assistant: from n/a through 3.19.... Read more
Affected Products : media_library_assistant- Published: Nov. 04, 2024
- Modified: Nov. 08, 2024
-
8.8
HIGHCVE-2024-48878
Zohocorp ManageEngine ADManager Plus versions 7241 and prior are vulnerable to SQL Injection in Archived Audit Report.... Read more
Affected Products : manageengine_admanager_plus- Published: Nov. 04, 2024
- Modified: Nov. 05, 2024
-
7.5
HIGHCVE-2024-10389
There exists a Path Traversal vulnerability in Safearchive on Platforms with Case-Insensitive Filesystems (e.g., NTFS). This allows Attackers to Write Arbitrary Files via Archive Extraction containing symbolic links. We recommend upgrading past commit f7c... Read more
Affected Products : safearchive- Published: Nov. 04, 2024
- Modified: Jul. 23, 2025
-
7.8
HIGHCVE-2024-38424
Memory corruption during GNSS HAL process initialization.... Read more
Affected Products : qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware sd_8_gen1_5g_firmware sw5100_firmware sw5100p_firmware wcd9341_firmware +230 more products- Published: Nov. 04, 2024
- Modified: Nov. 07, 2024
-
7.8
HIGHCVE-2024-38423
Memory corruption while processing GPU page table switch.... Read more
Affected Products : aqt1000_firmware qam8295p_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +406 more products- Published: Nov. 04, 2024
- Modified: Nov. 07, 2024
-
7.8
HIGHCVE-2024-38422
Memory corruption while processing voice packet with arbitrary data received from ADSP.... Read more
Affected Products : aqt1000_firmware qam8295p_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +531 more products- Published: Nov. 04, 2024
- Modified: Nov. 07, 2024
-
7.8
HIGHCVE-2024-38421
Memory corruption while processing GPU commands.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware sa8295p_firmware sw5100_firmware +147 more products- Published: Nov. 04, 2024
- Modified: Nov. 07, 2024
-
7.8
HIGHCVE-2024-38419
Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware +289 more products- Published: Nov. 04, 2024
- Modified: Nov. 07, 2024
-
7.8
HIGHCVE-2024-38415
Memory corruption while handling session errors from firmware.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware +350 more products- Published: Nov. 04, 2024
- Modified: Nov. 07, 2024
-
7.8
HIGHCVE-2024-38410
Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice.... Read more
Affected Products : wcd9380_firmware wcd9385_firmware wsa8830_firmware wsa8835_firmware qcm6490_firmware qcs6490_firmware wcd9370_firmware wcd9375_firmware wcn3660b_firmware fastconnect_6900_firmware +40 more products- Published: Nov. 04, 2024
- Modified: Nov. 07, 2024
-
7.8
HIGHCVE-2024-38409
Memory corruption while station LL statistic handling.... Read more
Affected Products : wcd9380_firmware wcd9385_firmware wsa8830_firmware wsa8835_firmware qcm6490_firmware qcs6490_firmware wcd9370_firmware wcd9375_firmware wcn3660b_firmware fastconnect_6900_firmware +41 more products- Published: Nov. 04, 2024
- Modified: Nov. 07, 2024
-
9.1
CRITICALCVE-2024-38408
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.... Read more
Affected Products : aqt1000_firmware qam8295p_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +460 more products- Published: Nov. 04, 2024
- Modified: Nov. 08, 2024
-
7.8
HIGHCVE-2024-38407
Memory corruption while processing input parameters for any IOCTL call in the JPEG Encoder driver.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6430_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware +78 more products- Published: Nov. 04, 2024
- Modified: Nov. 07, 2024
-
7.8
HIGHCVE-2024-38406
Memory corruption while handling IOCTL calls in JPEG Encoder driver.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6430_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware +78 more products- Published: Nov. 04, 2024
- Modified: Nov. 07, 2024
-
7.5
HIGHCVE-2024-38405
Transient DOS while processing the CU information from RNR IE.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware sa8295p_firmware wcd9380_firmware +190 more products- Published: Nov. 04, 2024
- Modified: Nov. 07, 2024