1251
|
- |
|
-
|
-
|
A CWE-693 “Protection Mechanism Failure” vulnerability in the embedded Chromium browser (concerning the handling of alternative URLs, other than “ http://localhost” ) allows a physical attacker to re…
|
CWE-184
Incomplete Blacklist
|
CVE-2023-45593
|
2024-09-30 19:15 |
2024-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1252
|
8.1 |
HIGH
Adjacent
|
bluemark
|
dronescout_ds230_firmware
|
DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an information loss vulnerability through traffic injection.
An attacker can exploit this vulnerability by injecting, on …
|
CWE-223
|
CVE-2023-31191
|
2024-09-30 19:15 |
2023-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1253
|
8.1 |
HIGH
Network
|
bluemark
|
dronescout_ds230_firmware
|
DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an Improper Authentication vulnerability during the firmware update procedure.
Specifically, the firmware update procedur…
|
CWE-295
Improper Certificate Validation
|
CVE-2023-31190
|
2024-09-30 19:15 |
2023-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1254
|
6.8 |
MEDIUM
Adjacent
|
bluemark
|
dronescout_ds230_firmware
|
DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an information loss vulnerability through traffic injection.
An attacker can exploit this vulnerability by injecting, at t…
|
CWE-223
|
CVE-2023-29156
|
2024-09-30 19:15 |
2023-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1255
|
- |
|
-
|
-
|
In Eclipse Glassfish versions before 7.0.17, The Host HTTP parameter could cause the web application to redirect to the specified URL, when the requested endpoint is '/management/domain'. By modifyin…
|
-
|
CVE-2024-9329
|
2024-09-30 17:15 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1256
|
- |
|
-
|
-
|
A Local File Inclusion vulnerability exists in parisneo/lollms-webui versions below v9.8. The vulnerability is due to unverified path concatenation in the `serve_js` function in `app.py`, which allow…
|
CWE-29
Path Traversal: '\..\filename'
|
CVE-2024-6394
|
2024-09-30 17:15 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1257
|
- |
|
-
|
-
|
In Nintendo Mario Kart 8 Deluxe before 3.0.3, the LAN/LDN local multiplayer implementation allows a remote attacker to exploit a stack-based buffer overflow upon deserialization of session informatio…
|
-
|
CVE-2024-45200
|
2024-09-30 17:15 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1258
|
- |
|
-
|
-
|
Smart-tab Android app installed April 2023 or earlier contains an issue with plaintext storage of a password. If this vulnerability is exploited, an attacker with physical access to the device may re…
|
-
|
CVE-2024-42496
|
2024-09-30 17:15 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1259
|
- |
|
-
|
-
|
Smart-tab Android app installed April 2023 or earlier contains an active debug code vulnerability. If this vulnerability is exploited, an attacker with physical access to the device may exploit the d…
|
-
|
CVE-2024-41999
|
2024-09-30 17:15 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1260
|
7.8 |
HIGH
Local
|
google
|
android
|
In onCreate of WindowState.java, there is a possible way to launch a background activity due to a logic error in the code. This could lead to local escalation of privilege with no additional executio…
|
NVD-CWE-noinfo
|
CVE-2023-35674
|
2024-09-30 10:35 |
2023-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|