2421
|
7.5 |
HIGH
Network
draytek
|
vigor3910_firmware
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sCloudPass parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted …
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46586
|
2024-09-25 01:40 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2422
|
7.5 |
HIGH
Network
draytek
|
vigor3910_firmware
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at usergrp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a craf…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46585
|
2024-09-25 01:40 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2423
|
7.5 |
HIGH
Network
draytek
|
vigor3910_firmware
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the AControlIp1 parameter at acontrol.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a craf…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46584
|
2024-09-25 01:40 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2424
|
7.5 |
HIGH
Network
draytek
|
vigor3910_firmware
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the extRadSrv2 parameter at cgiapp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46583
|
2024-09-25 01:40 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2425
|
7.5 |
HIGH
Network
draytek
|
vigor3910_firmware
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the iprofileidx parameter at dialin.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafte…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46598
|
2024-09-25 01:37 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2426
|
5.5 |
MEDIUM
Local
|
apple
|
ipados iphone_os macos visionos tvos watchos
|
An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, macOS Sonoma…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-27880
|
2024-09-25 01:34 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2427
|
9.8 |
CRITICAL
Network
superstorefinder
|
super_store_finder
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in highwarden Super Store Finder allows SQL Injection.This issue affects Super Store Finder: from n/…
|
CWE-89
SQL Injection
|
CVE-2024-43976
|
2024-09-25 01:32 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2428
|
9.9 |
CRITICAL
Network
|
tuzitio
|
camaleon_cms
|
Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. An arbitrary file write vulnerability accessible via the upload method of the MediaController allows authentic…
|
CWE-22
Path Traversal
|
CVE-2024-46986
|
2024-09-25 01:30 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2429
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to modify protected parts of the file…
|
CWE-59
Link Following
|
CVE-2024-44178
|
2024-09-25 01:28 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2430
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A privacy issue was addressed by removing sensitive data. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access user-sensitive data.
|
NVD-CWE-noinfo
|
CVE-2024-44177
|
2024-09-25 01:28 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|