|
1031
|
- |
|
-
|
-
|
A vulnerability, which was classified as critical, has been found in ???????????? Lingdang CRM up to 8.6.4.3. Affected by this issue is some unknown functionality of the file /crm/wechatSession/index…
New
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-11122
|
2024-11-13 01:15 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1032
|
- |
|
-
|
-
|
A vulnerability classified as critical was found in ???????????? Lingdang CRM up to 8.6.4.3. Affected by this vulnerability is an unknown functionality of the file /crm/WeiXinApp/marketing/index.php?…
New
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2024-11121
|
2024-11-13 01:15 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1033
|
- |
|
-
|
-
|
A vulnerability classified as critical has been found in Jinher Network Collaborative Management Platform ??????????? 1.0. Affected is an unknown function of the file /C6/JHSoft.Web.AcceptAip/AcceptS…
Update
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2024-11060
|
2024-11-13 01:15 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1034
|
5.5 |
MEDIUM
Local
|
debian
redhat
fedoraproject
linux
|
debian_linux
enterprise_linux
fedora
linux_kernel
|
A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does …
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-1151
|
2024-11-13 01:15 |
2024-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1035
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating sys…
Update
|
NVD-CWE-noinfo
|
CVE-2024-0340
|
2024-11-13 01:15 |
2024-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1036
|
7.1 |
HIGH
Local
|
samsung
|
android
|
Improper input validation in Settings Suggestions prior to SMR Nov-2024 Release 1 allows local attackers to launch privileged activities.
Update
|
NVD-CWE-noinfo
|
CVE-2024-49401
|
2024-11-13 01:10 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1037
|
7.1 |
HIGH
Local
|
samsung
|
android
|
Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to access files with phone privilege.
Update
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-34679
|
2024-11-13 01:09 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1038
|
4.6 |
MEDIUM
Physics
|
samsung
|
android
|
Improper access control in Dex Mode prior to SMR Nov-2024 Release 1 allows physical attackers to temporarily access to unlocked screen.
Update
|
NVD-CWE-noinfo
|
CVE-2024-34675
|
2024-11-13 01:08 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1039
|
4.6 |
MEDIUM
Physics
|
samsung
|
android
|
Improper access control in Contacts prior to SMR Nov-2024 Release 1 allows physical attackers to access data across multiple user profiles.
Update
|
NVD-CWE-noinfo
|
CVE-2024-34674
|
2024-11-13 01:08 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1040
|
3.3 |
LOW
Local
|
samsung
|
android
|
Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate.
Update
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2024-34677
|
2024-11-13 01:07 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
