771
|
7.5 |
HIGH
Network
syrotech
|
sy-gpon-1110-wdont_firmware
|
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing HTTPOnly flag for the session cookies associated with the router's web management interface. An attacker with remote acc…
Update
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2024-41685
|
2024-10-10 21:48 |
2024-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
772
|
9.8 |
CRITICAL
Network
hp
|
3par_service_processor_firmware
|
The vulnerability could be remotely exploited to bypass authentication.
Update
|
NVD-CWE-noinfo
|
CVE-2024-22442
|
2024-10-10 21:47 |
2024-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
773
|
4.8 |
MEDIUM
Network
|
ninjateam
|
wp_chat_app
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NinjaTeam WP Chat App allows Stored XSS.This issue affects WP Chat App: from n/a through 3.4.4.
Update
|
-
|
CVE-2023-51370
|
2024-10-10 21:46 |
2024-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
774
|
8.8 |
HIGH
Network
|
idccms
|
idccms
|
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/serverFile_deal.php?mudi=upFileDel&dataID=3
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-40334
|
2024-10-10 21:40 |
2024-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
775
|
7.8 |
HIGH
Local
|
microsoft
|
windows_server_2008 windows_server_2012 windows_10_1507 windows_10_1607 windows_server_2016 windows_11_23h2 windows_10_22h2 windows_11_21h2 windows_server_2022 windows_10_2…
|
Windows Graphics Component Elevation of Privilege Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-38085
|
2024-10-10 21:39 |
2024-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
776
|
6.5 |
MEDIUM
Network
|
livemesh
|
elementor_addons
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Livemesh Livemesh Addons for Elementor.This issue affects Livemesh Addons for Elementor: from n/a throu…
Update
|
CWE-22
Path Traversal
|
CVE-2024-37547
|
2024-10-10 21:37 |
2024-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
777
|
7.5 |
HIGH
Network
mayurik
|
best_house_rental_management_system
|
Best House Rental Management System v1.0 was discovered to contain an arbitrary file read vulnerability via the Page parameter at index.php. This vulnerability allows attackers to read arbitrary PHP …
Update
|
NVD-CWE-Other
|
CVE-2024-39210
|
2024-10-10 21:35 |
2024-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
778
|
5.3 |
MEDIUM
Network
splunk
|
splunk splunk_cloud_platform
|
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109, an attacker could determine whether or not another user exists on the instance by d…
Update
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-36996
|
2024-10-10 21:30 |
2024-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
779
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Skip Recompute DSC Params if no Stream on Link
[why]
Encounter NULL pointer dereference uner mst + dsc setup.
B…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-43895
|
2024-10-10 21:15 |
2024-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
780
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues'
Writing 'power' and 'submit_queues' concurrently…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-36478
|
2024-10-10 21:15 |
2024-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|