701 | - | | - | - | Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. An attacker with a CVAT account may retrieve certain information about any project, task,… | New | CWE-863 Incorrect Authorization | CVE-2024-47172 | 2024-10-1 00:15 | 2024-10-1 |
702 | - | | - | - | Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. If an attacker can trick a logged-in CVAT user into visiting a maliciously-constructed UR… | New | CWE-79 CWE-81 Cross-site Scripting | CVE-2024-47064 | 2024-10-1 00:15 | 2024-10-1 |
703 | - | | - | - | Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. If a malicious CVAT user with permissions to either create a task, or edit an existing ta… | New | CWE-79 Cross-site Scripting | CVE-2024-47063 | 2024-10-1 00:15 | 2024-10-1 |
704 | - | | - | - | TP-Link WR941ND V6 has a stack overflow vulnerability in the ssid parameter in /userRpm/popupSiteSurveyRpm.htm. | New | - | CVE-2024-46313 | 2024-10-1 00:15 | 2024-10-1 |
705 | - | | - | - | Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Incorrect Access Control. There is a lack of authorization checks for admin operations. Specifically, an attacker can perform admin… | New | - | CVE-2024-46293 | 2024-10-1 00:15 | 2024-10-1 |
706 | - | | - | - | PIX-LINK LV-WR22 RE3002-P1-01_V117.0 is vulnerable to Improper Access Control. The TELNET service is enabled with weak credentials for a root-level account, without the possibility of changing them. | New | - | CVE-2024-46280 | 2024-10-1 00:15 | 2024-10-1 |
707 | - | | - | - | Mantis Bug Tracker (MantisBT) is an open source issue tracker. Using a crafted POST request, an unprivileged, registered user is able to retrieve information about other users' personal system profil… | New | CWE-200 Information Exposure | CVE-2024-45792 | 2024-10-1 00:15 | 2024-10-1 |
708 | 5.5 | MEDIUM Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpio_device_get_desc() Userspace may trigger a speculative read of an address outsid… | Update | NVD-CWE-noinfo | CVE-2024-44931 | 2024-10-1 00:15 | 2024-08-26 |
709 | 4.6 | MEDIUM Physical | proges | sensor_net_connect_firmware_v2 | A “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an attacker with physical access to the machine to retrieve the password in cleartext unless specific security… | Update | CWE-522 Insufficiently Protected Credentials | CVE-2024-3082 | 2024-10-1 00:15 | 2024-07-31 |
710 | 5.5 | MEDIUM Local | proges | thermoscan_ip | A “CWE-121: Stack-based Buffer Overflow” in the wd210std.dll dynamic library packaged with the ThermoscanIP installer allows a local attacker to possibly trigger a Denial-of-Service (DoS) condition o… | Update | CWE-787 Out-of-bounds Write | CVE-2024-31203 | 2024-10-1 00:15 | 2024-07-31 |