|
2531
|
7.5 |
HIGH
Network
servicenow
|
servicenow
|
ServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to extract unauthorized information. Serv…
|
CWE-89
SQL Injection
|
CVE-2024-8924
|
2024-11-8 02:16 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2532
|
7.8 |
HIGH
Local
|
autodesk
|
autocad_architecture
autocad_electrical
autocad_mechanical
autocad_mep
autocad_plant_3d
civil_3d
advance_steel
autocad
|
A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Heap Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cau…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-8587
|
2024-11-8 02:15 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2533
|
3.3 |
LOW
Local
|
hashicorp
|
vagrant_vmware_utility
|
The Vagrant VMWare Utility Windows installer targeted a custom location with a non-protected path that could be modified by an unprivileged user, introducing potential for unauthorized file system wr…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2024-10228
|
2024-11-8 02:12 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2534
|
8.8 |
HIGH
Network
|
anisha
|
university_event_management_system
|
A vulnerability was found in code-projects University Event Management System 1.0. It has been classified as critical. This affects an unknown part of the file doedit.php. The manipulation of the arg…
|
CWE-89
SQL Injection
|
CVE-2024-10805
|
2024-11-8 02:09 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2535
|
6.5 |
MEDIUM
Network
|
tenda
|
i22_firmware
|
A vulnerability has been found in Tenda i22 1.0.0.3(4687) and classified as problematic. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV?fgHPOST/goform/SysToo…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-10750
|
2024-11-8 02:09 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2536
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
powerpc/bpf/32: Fix Oops on tail call tests
test_bpf tail call tests end up as:
test_bpf: #0 Tail call leaf jited:1 85 PASS
…
|
CWE-787
Out-of-bounds Write
|
CVE-2022-48998
|
2024-11-8 02:08 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2537
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
char: tpm: Protect tpm_pm_suspend with locks
Currently tpm transactions are executed unconditionally in
tpm_pm_suspend() function…
|
NVD-CWE-noinfo
|
CVE-2022-48997
|
2024-11-8 02:07 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2538
|
8.8 |
HIGH
Network
|
ithemelandco
|
woocommerce_report
|
The WooCommerce Report plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.1. This is due to missing or incorrect nonce validation on the settin…
|
CWE-352
Origin Validation Error
|
CVE-2024-10711
|
2024-11-8 02:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2539
|
8.1 |
HIGH
Network
|
wpwebelite
|
woocommerce_-_social_login
|
The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.7.7. This is due to insufficient verification on the user being retu…
|
NVD-CWE-noinfo
|
CVE-2024-10114
|
2024-11-8 02:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2540
|
5.5 |
MEDIUM
Local
|
huawei
|
harmonyos
|
Vulnerability of parameter type not being verified in the WantAgent module
Impact: Successful exploitation of this vulnerability may affect availability.
|
NVD-CWE-noinfo
|
CVE-2024-51512
|
2024-11-8 02:03 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
