|
2391
|
7.5 |
HIGH
Network
zimaspace
|
zimaos
|
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.2.4 and all prior versions, the API endpoints in ZimaOS, such as `http://<Server-IP>/v1/use…
|
CWE-862
Missing Authorization
|
CVE-2024-49357
|
2024-11-7 00:28 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2392
|
7.5 |
HIGH
Network
zimaspace
|
zimaos
|
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.2.4 and all prior versions, the API endpoint `http://<Zima_Server_IP:PORT>/v2_1/file` in Zi…
|
CWE-22
Path Traversal
|
CVE-2024-49359
|
2024-11-7 00:27 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2393
|
5.3 |
MEDIUM
Network
zimaspace
|
zimaos
|
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.2.4 and all prior versions, the API endpoint `http://<Server-IP>/v1/users/login` in ZimaOS …
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-49358
|
2024-11-7 00:27 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2394
|
5.5 |
MEDIUM
Local
|
openatom
|
openharmony
|
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through out-of-bounds read.
|
CWE-125
Out-of-bounds Read
|
CVE-2024-47402
|
2024-11-7 00:26 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2395
|
7.8 |
HIGH
Local
|
openatom
|
openharmony
|
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write.
|
CWE-787
Out-of-bounds Write
|
CVE-2024-47137
|
2024-11-7 00:26 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2396
|
7.8 |
HIGH
Local
|
openatom
|
openharmony
|
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through double free.
|
CWE-415
Double Free
|
CVE-2024-47404
|
2024-11-7 00:25 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2397
|
5.3 |
MEDIUM
Network
zimaspace
|
zimaos
|
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.2.4 and all prior versions, the API endpoint `http://<Server-ip>/v1/users/name` allows unau…
|
CWE-862
Missing Authorization
|
CVE-2024-48932
|
2024-11-7 00:25 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2398
|
7.8 |
HIGH
Local
|
openatom
|
openharmony
|
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write.
|
CWE-787
Out-of-bounds Write
|
CVE-2024-47797
|
2024-11-7 00:24 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2399
|
7.5 |
HIGH
Network
anisha
|
e-health_care_system
|
A vulnerability was found in code-projects E-Health Care System 1.0. It has been classified as critical. Affected is an unknown function of the file Doctor/app_request.php. The manipulation of the ar…
|
CWE-89
SQL Injection
|
CVE-2024-10810
|
2024-11-7 00:16 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2400
|
3.4 |
LOW
Physics
|
opensc_project
redhat
fedoraproject
|
opensc
enterprise_linux
fedora
|
The use-after-free vulnerability was found in the AuthentIC driver in OpenSC packages, occuring in the card enrolment process using pkcs15-init when a user or administrator enrols or modifies cards. …
|
CWE-416
Use After Free
|
CVE-2024-1454
|
2024-11-7 00:15 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
