1881
|
5.9 |
MEDIUM
Network
|
clusterlabs redhat
|
booth enterprise_linux enterprise_linux_eus enterprise_linux_server_update_services_for_sap_solutions enterprise_linux_for_power_little_endian_eus enterprise_linux_for_ibm_z_systems_eu…
|
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2024-3049
|
2024-09-14 07:15 |
2024-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1882
|
- |
|
-
|
-
|
A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop() method, the `data` pointer to a stack-allocated virNetClientIOEv…
|
CWE-416
Use After Free
|
CVE-2024-4418
|
2024-09-14 07:15 |
2024-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1883
|
7.5 |
HIGH
Network
fastadmin
|
fastadmin
|
A vulnerability, which was classified as problematic, has been found in FastAdmin up to 1.3.3.20220121. Affected by this issue is some unknown functionality of the file /index/ajax/lang. The manipula…
|
CWE-22
Path Traversal
|
CVE-2024-7928
|
2024-09-14 06:33 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1884
|
9.8 |
CRITICAL
Network
eyecix
|
jobsearch_wp_job_board
|
Deserialization of Untrusted Data vulnerability in eyecix JobSearch allows Object Injection.This issue affects JobSearch: from n/a through 2.5.3.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-43931
|
2024-09-14 06:22 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1885
|
5.4 |
MEDIUM
Network
|
qnap
|
notes_station_3
|
A cross-site scripting (XSS) vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.
We hav…
|
CWE-79
Cross-site Scripting
|
CVE-2024-27122
|
2024-09-14 06:16 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1886
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
|
-
|
CVE-2024-40430
|
2024-09-14 06:15 |
2024-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1887
|
8.8 |
HIGH
Network
|
qnap
|
qts quts_hero
|
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network.
QuTSclou…
|
CWE-78
OS Command
|
CVE-2023-34974
|
2024-09-14 06:14 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1888
|
6.2 |
MEDIUM
Local
|
huawei
|
emui harmonyos
|
Vulnerability of uncaught exceptions in the Graphics module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
|
NVD-CWE-noinfo
|
CVE-2024-42037
|
2024-09-14 06:13 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1889
|
6.1 |
MEDIUM
Network
|
qnap
|
qulog_center
|
A cross-site scripting (XSS) vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow users to inject malicious code via a network.
We have already fixed t…
|
CWE-79
Cross-site Scripting
|
CVE-2024-32762
|
2024-09-14 06:10 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1890
|
7.5 |
HIGH
Network
huawei
|
harmonyos emui
|
Access permission verification vulnerability in the Notepad module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
|
NVD-CWE-noinfo
|
CVE-2024-42036
|
2024-09-14 06:09 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|