131
|
- |
|
-
|
-
|
Active debug code vulnerability exists in MZK-MF300N all firmware versions. If a logged-in user who knows how to use the debug function accesses the device's management page, an unintended operation …
Update
|
-
|
CVE-2024-30219
|
2024-10-27 12:35 |
2024-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
132
|
- |
|
-
|
-
|
Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injec…
Update
|
-
|
CVE-2024-30879
|
2024-10-27 12:35 |
2024-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
133
|
- |
|
-
|
-
|
HGW BL1500HM Ver 002.001.013 and earlier contains a use of week credentials issue. A network-adjacent unauthenticated attacker may connect to the product via SSH and use a shell.
Update
|
-
|
CVE-2024-21865
|
2024-10-27 12:35 |
2024-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
134
|
- |
|
-
|
-
|
A vulnerability was found in code-projects Blood Bank Management 1.0 and classified as critical. This issue affects some unknown processing of the file /file/accept.php. The manipulation of the argum…
New
|
CWE-89
SQL Injection
|
CVE-2024-10409
|
2024-10-27 12:15 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
135
|
- |
|
-
|
-
|
A vulnerability has been found in code-projects Blood Bank Management up to 1.0 and classified as critical. This vulnerability affects unknown code of the file /abs.php. The manipulation of the argum…
New
|
CWE-89
SQL Injection
|
CVE-2024-10408
|
2024-10-27 12:15 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
136
|
- |
|
-
|
-
|
A stack buffer overflow was addressed through improved input validation. This issue is fixed in Apple TV 1.5.0.152 for Windows, iTunes 12.13.3 for Windows. Parsing a maliciously crafted video file ma…
Update
|
-
|
CVE-2024-44157
|
2024-10-27 11:35 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
137
|
- |
|
-
|
-
|
Inadequate escaping of mail addresses lead to XSS vulnerabilities in various components.
Update
|
-
|
CVE-2024-21725
|
2024-10-27 11:35 |
2024-02-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
138
|
8.8 |
HIGH
Network
|
elecom
|
wrc-2533gs2-b_firmware wrc-2533gs2-w_firmware wrc-2533gs2v-b_firmware wrc-x6000xs-g_firmware wrc-x1500gs-b_firmware wrc-x1500gsa-b_firmware
|
Cross-site request forgery vulnerability exists in ELECOM wireless LAN routers. Viewing a malicious page while logging in to the affected product with an administrative privilege, the user may be dir…
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-40883
|
2024-10-27 10:35 |
2024-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
139
|
5.5 |
MEDIUM
Local
|
apple
|
macos iphone_os ipados
|
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6, iOS 16.7.9 and iPadOS 16.7.9, macOS Monterey 12.7.6, macOS Ventura 13.6.8. A shortcut may be able to use se…
Update
|
NVD-CWE-noinfo
|
CVE-2024-40833
|
2024-10-27 10:35 |
2024-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
140
|
5.5 |
MEDIUM
Local
|
apple
|
macos ipados iphone_os watchos tvos visionos
|
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, watchOS…
Update
|
CWE-843
Type Confusion
|
CVE-2024-40788
|
2024-10-27 10:35 |
2024-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|