|
741
|
7.5 |
HIGH
Network
vocera
|
voice_server
report_server
|
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is a Path Traversal for an Unzip operation. The Vocera Report Console contains a websocket function that allows…
Update
|
CWE-22
Path Traversal
|
CVE-2022-46902
|
2024-10-30 23:35 |
2023-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
742
|
7.5 |
HIGH
Network
golang
|
go
|
Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL v…
Update
|
NVD-CWE-Other
|
CVE-2022-41716
|
2024-10-30 23:35 |
2022-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
743
|
5.5 |
MEDIUM
Local
|
mariadb
|
mariadb
|
MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/ds_xbstream.cc, when an error occurs (stream_ctxt->dest_file == NULL) while executing the method xbstream_open, the…
Update
|
CWE-667
Improper Locking
|
CVE-2022-31621
|
2024-10-30 23:35 |
2022-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
744
|
7.5 |
HIGH
Network
nothings
|
stb_truetype.h
|
stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttUSHORT() at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer …
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2022-25514
|
2024-10-30 23:35 |
2022-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
745
|
5.4 |
MEDIUM
Network
|
vtiger
|
vtiger_crm
|
Vtiger CRM v8.2.0 has a HTML Injection vulnerability in the module parameter. Authenticated users can inject arbitrary HTML.
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-48119
|
2024-10-30 23:32 |
2024-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
746
|
9.8 |
CRITICAL
Network
eyecix
|
jobsearch
|
Deserialization of Untrusted Data vulnerability in Eyecix JobSearch allows Object Injection.This issue affects JobSearch: from n/a through 2.5.9.
Update
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-47636
|
2024-10-30 23:32 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
747
|
8.8 |
HIGH
Network
|
samsung
|
android
|
Out-of-bounds write in parsing h.263 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required f…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-34668
|
2024-10-30 23:31 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
748
|
9.8 |
CRITICAL
Network
fabianros
|
hospital_management_system
|
A vulnerability was found in code-projects Hospital Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/add-doctor.php. The manipulatio…
Update
|
CWE-89
SQL Injection
|
CVE-2024-10350
|
2024-10-30 23:29 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
749
|
8.8 |
HIGH
Network
|
samsung
|
android
|
Out-of-bounds write in parsing h.265 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required f…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-34667
|
2024-10-30 23:29 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
750
|
8.8 |
HIGH
Network
|
samsung
|
android
|
Out-of-bounds write in parsing h.264 format in a specific mode in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User intera…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-34666
|
2024-10-30 23:29 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
