191
|
- |
|
-
|
-
|
Weak Authentication vulnerability in Drupal Two-factor Authentication (TFA) allows Authentication Abuse.This issue affects Two-factor Authentication (TFA): from 0.0.0 before 1.5.0.
New
|
-
|
CVE-2024-13239
|
2025-01-11 03:15 |
2025-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
192
|
8.8 |
HIGH
Network
|
codezips
|
blood_bank_management_system
|
A vulnerability was found in Codezips Blood Bank Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /successadmin.php. The manipulation…
Update
|
CWE-89
SQL Injection
|
CVE-2025-0232
|
2025-01-11 02:36 |
2025-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
193
|
4.8 |
MEDIUM
Network
|
zerowdd
|
studentmanager
|
A vulnerability was found in ZeroWdd studentmanager 1.0. It has been declared as problematic. This vulnerability affects the function submitAddRole of the file src/main/java/com/zero/system/controlle…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-13142
|
2025-01-11 02:32 |
2025-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
194
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/sched: netem: account for backlog updates from child qdisc
In general, 'qlen' of any classful qdisc should keep track of the
…
New
|
NVD-CWE-noinfo
|
CVE-2024-56770
|
2025-01-11 02:32 |
2025-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
195
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mtd: spinand: winbond: Fix 512GW, 01GW, 01JW and 02JW ECC information
These four chips:
* W25N512GW
* W25N01GW
* W25N01JW
* W25N0…
New
|
NVD-CWE-noinfo
|
CVE-2024-56771
|
2025-01-11 02:28 |
2025-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
196
|
9.8 |
CRITICAL
Network
codezips
|
project_management_system
|
A vulnerability was found in Codezips Project Management System 1.0. It has been classified as critical. This affects an unknown part of the file /pages/forms/course.php. The manipulation of the argu…
Update
|
CWE-89
SQL Injection
|
CVE-2025-0233
|
2025-01-11 02:28 |
2025-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
197
|
7.8 |
HIGH
Local
|
qualcomm
|
fastconnect_6700_firmware fastconnect_6900_firmware fastconnect_7800_firmware qcm4490_firmware qcs4490_firmware snapdragon_8_gen_3_mobile_firmware snapdragon_8\+_gen_1_mobile_firmwa…
|
Memory corruption while processing IPA statistics, when there are no active clients registered.
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-21464
|
2025-01-11 02:22 |
2025-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
198
|
5.5 |
MEDIUM
Local
|
qualcomm
|
qam8255p_firmware qam8295p_firmware qam8650p_firmware qam8775p_firmware qamsrv1h_firmware qca6595_firmware qca6595au_firmware qca6696_firmware qca6698aq_firmware sa8255p_fi…
|
Information Disclosure while invoking the mailbox write API when message received from user is larger than mailbox size.
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2024-23366
|
2025-01-11 02:20 |
2025-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
199
|
- |
|
-
|
-
|
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function.
New
|
-
|
CVE-2024-57214
|
2025-01-11 02:15 |
2025-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
200
|
- |
|
-
|
-
|
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability via the newpasswd parameter in the action_passwd function.
New
|
-
|
CVE-2024-57213
|
2025-01-11 02:15 |
2025-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|