881
|
- |
|
-
|
-
|
Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. If a malicious CVAT user with permissions to either create a task, or edit an existing ta…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47063
|
2024-10-1 00:15 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
882
|
- |
|
-
|
-
|
TP-Link WR941ND V6 has a stack overflow vulnerability in the ssid parameter in /userRpm/popupSiteSurveyRpm.htm.
|
-
|
CVE-2024-46313
|
2024-10-1 00:15 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
883
|
- |
|
-
|
-
|
Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Incorrect Access Control. There is a lack of authorization checks for admin operations. Specifically, an attacker can perform admin…
|
-
|
CVE-2024-46293
|
2024-10-1 00:15 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
884
|
- |
|
-
|
-
|
PIX-LINK LV-WR22 RE3002-P1-01_V117.0 is vulnerable to Improper Access Control. The TELNET service is enabled with weak credentials for a root-level account, without the possibility of changing them.
|
-
|
CVE-2024-46280
|
2024-10-1 00:15 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
885
|
- |
|
-
|
-
|
Mantis Bug Tracker (MantisBT) is an open source issue tracker. Using a crafted POST request, an unprivileged, registered user is able to retrieve information about other users' personal system profil…
|
CWE-200
Information Exposure
|
CVE-2024-45792
|
2024-10-1 00:15 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
886
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
gpio: prevent potential speculation leaks in gpio_device_get_desc()
Userspace may trigger a speculative read of an address outsid…
|
NVD-CWE-noinfo
|
CVE-2024-44931
|
2024-10-1 00:15 |
2024-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
887
|
4.6 |
MEDIUM
Physics
|
proges
|
sensor_net_connect_firmware_v2
|
A “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an attacker with physical access to the machine to retrieve the password in cleartext unless specific security…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2024-3082
|
2024-10-1 00:15 |
2024-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
888
|
5.5 |
MEDIUM
Local
|
proges
|
thermoscan_ip
|
A “CWE-121: Stack-based Buffer Overflow” in the wd210std.dll dynamic library packaged with the ThermoscanIP installer allows a local attacker to possibly trigger a Denial-of-Service (DoS) condition o…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-31203
|
2024-10-1 00:15 |
2024-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
889
|
7.8 |
HIGH
Local
|
proges
|
thermoscan_ip
|
A “CWE-732: Incorrect Permission Assignment for Critical Resource” in the ThermoscanIP installation folder allows a local attacker to perform a Local Privilege Escalation.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2024-31202
|
2024-10-1 00:15 |
2024-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
890
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()
xattr in ocfs2 maybe 'non-indexed', which saved with addition…
|
-
|
CVE-2024-41016
|
2024-10-1 00:15 |
2024-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|