|
101
|
- |
|
-
|
-
|
In impeg2d_mc_fullx_fully of impeg2d_mc.c there is a possible out of bound write due to missing bounds check. This could lead to remote arbitrary code execution with no additional execution privilege…
New
|
-
|
CVE-2018-9341
|
2024-11-20 06:56 |
2024-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
102
|
- |
|
-
|
-
|
In ResStringPool::setTo of ResourceTypes.cpp, it's possible for an attacker to control the value of mStringPoolSize to be out of bounds, causing information disclosure.
New
|
-
|
CVE-2018-9340
|
2024-11-20 06:56 |
2024-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
103
|
- |
|
-
|
-
|
In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of privilege due to type confusion. This could lead to local escalation of privilege with no additional ex…
New
|
-
|
CVE-2018-9339
|
2024-11-20 06:56 |
2024-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
104
|
5.4 |
MEDIUM
Network
|
oretnom23
|
online_eyewear_shop
|
A vulnerability has been found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /oews/classes/Master.php…
Update
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2024-11247
|
2024-11-20 06:55 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
105
|
5.4 |
MEDIUM
Network
|
emlog
|
emlog
|
emlog pro <=2.3.18 is vulnerable to Cross Site Scripting (XSS), which allows attackers to write malicious JavaScript code in published articles.
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-50655
|
2024-11-20 06:51 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
106
|
8.8 |
HIGH
Network
|
gogs
|
gogs
|
Gogs <=0.13.0 is vulnerable to Directory Traversal via the editFilePost function of internal/route/repo/editor.go.
Update
|
CWE-22
Path Traversal
|
CVE-2024-44625
|
2024-11-20 06:51 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
107
|
8.2 |
HIGH
Network
ibm
|
engineering_lifecycle_optimization_-_engineering_insights
|
IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit …
Update
|
CWE-611
XXE
|
CVE-2024-39726
|
2024-11-20 06:51 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
108
|
8.8 |
HIGH
Network
|
tenda
|
ac10_firmware
|
A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. Affected by this issue is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of …
Update
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2024-11248
|
2024-11-20 06:51 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
109
|
9.8 |
CRITICAL
Network
1000projects
|
portfolio_management_system_mca
|
A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. This issue affects some unknown processing of the file /login.php. The manipulation of the a…
Update
|
CWE-89
SQL Injection
|
CVE-2024-11256
|
2024-11-20 06:49 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
110
|
6.1 |
MEDIUM
Network
|
code-projects
|
farmacia
|
A vulnerability, which was classified as problematic, has been found in code-projects Farmacia 1.0. This issue affects some unknown processing of the file /fornecedores.php. The manipulation leads to…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-11259
|
2024-11-20 06:47 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
