371 | 5.4 | MEDIUM Network | stirlingpdf | stirling_pdf | A vulnerability was found in Stirling-Tools Stirling-PDF up to 0.28.3. It has been declared as problematic. This vulnerability affects unknown code of the component Markdown-to-PDF. The manipulation … | Update | CWE-79 Cross-site Scripting | CVE-2024-9075 | 2024-10-1 00:27 | 2024-09-22 |
372 | 9.8 | CRITICAL Network | riello-ups | netman_204_firmware | The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device. This issue affects Netman 204: throu… | Update | CWE-640 Weak Password Recovery Mechanism for Forgotten Password | CVE-2024-8878 | 2024-10-1 00:21 | 2024-09-25 |
373 | - | | - | - | Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. An attacker with a CVAT account may retrieve certain information about any project, task,… | New | CWE-863 Incorrect Authorization | CVE-2024-47172 | 2024-10-1 00:15 | 2024-10-1 |
374 | - | | - | - | Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. If an attacker can trick a logged-in CVAT user into visiting a maliciously-constructed UR… | New | CWE-79 CWE-81 Cross-site Scripting | CVE-2024-47064 | 2024-10-1 00:15 | 2024-10-1 |
375 | - | | - | - | Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. If a malicious CVAT user with permissions to either create a task, or edit an existing ta… | New | CWE-79 Cross-site Scripting | CVE-2024-47063 | 2024-10-1 00:15 | 2024-10-1 |
376 | - | | - | - | TP-Link WR941ND V6 has a stack overflow vulnerability in the ssid parameter in /userRpm/popupSiteSurveyRpm.htm. | New | - | CVE-2024-46313 | 2024-10-1 00:15 | 2024-10-1 |
377 | - | | - | - | Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Incorrect Access Control. There is a lack of authorization checks for admin operations. Specifically, an attacker can perform admin… | New | - | CVE-2024-46293 | 2024-10-1 00:15 | 2024-10-1 |
378 | - | | - | - | PIX-LINK LV-WR22 RE3002-P1-01_V117.0 is vulnerable to Improper Access Control. The TELNET service is enabled with weak credentials for a root-level account, without the possibility of changing them. | New | - | CVE-2024-46280 | 2024-10-1 00:15 | 2024-10-1 |
379 | - | | - | - | Mantis Bug Tracker (MantisBT) is an open source issue tracker. Using a crafted POST request, an unprivileged, registered user is able to retrieve information about other users' personal system profil… | New | CWE-200 Information Exposure | CVE-2024-45792 | 2024-10-1 00:15 | 2024-10-1 |
380 | 5.5 | MEDIUM Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpio_device_get_desc() Userspace may trigger a speculative read of an address outsid… | Update | NVD-CWE-noinfo | CVE-2024-44931 | 2024-10-1 00:15 | 2024-08-26 |