|
141
|
- |
|
-
|
-
|
TOTOLINK EX200 V4.0.3c.7646_B20201211 does not contain an authentication mechanism by default.
Update
|
-
|
CVE-2024-31813
|
2024-11-20 05:35 |
2024-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
142
|
- |
|
-
|
-
|
Use of Insufficiently Random Values vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF3…
Update
|
-
|
CVE-2024-28013
|
2024-11-20 05:35 |
2024-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
143
|
- |
|
-
|
-
|
Improper export of Android application components issue exists in 'ABEMA' App for Android prior to 10.65.0 allowing another app installed on the user's device to access an arbitrary URL on 'ABEMA' Ap…
Update
|
-
|
CVE-2024-28745
|
2024-11-20 05:35 |
2024-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
144
|
9.8 |
CRITICAL
Network
zimbra
|
collaboration
|
An issue in Zimbra Collaboration ZCS v.8.8.15 and v.9.0 allows an attacker to execute arbitrary code via the sfdc_preauth.jsp component.
Update
|
NVD-CWE-noinfo
|
CVE-2023-29382
|
2024-11-20 05:35 |
2023-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
145
|
5.5 |
MEDIUM
Local
|
php
redhat
|
php
enterprise_linux
software_collections
|
A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2022-4900
|
2024-11-20 05:27 |
2023-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
146
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In the autofill service, the package name that is provided by the app process is trusted inappropriately. This could lead to information disclosure with no additional execution privileges needed. U…
Update
|
NVD-CWE-noinfo
|
CVE-2017-13227
|
2024-11-20 05:25 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
147
|
- |
|
mozilla
sun
gimp
littlecms
|
firefox
openjdk
gimp
little_cms
|
Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attac…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2009-0733
|
2024-11-20 05:25 |
2009-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
148
|
- |
|
gnome
|
yelp
gnome
|
Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows remote attackers to execute arbitrary code via format string specifiers…
Update
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2008-3533
|
2024-11-20 05:25 |
2008-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
149
|
- |
|
mozilla
sun
gimp
littlecms
|
firefox
openjdk
gimp
little_cms
|
Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafte…
Update
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2009-0723
|
2024-11-20 05:24 |
2009-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
150
|
9.8 |
CRITICAL
Network
graphicsmagick
suse
oracle
opensuse
canonical
debian
imagemagick
|
graphicsmagick
studio_onsite
linux_enterprise_software_development_kit
linux_enterprise_debuginfo
solaris
linux
leap
opensuse
ubuntu_linux
debian_linux
linux_enterprise_…
|
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename.
Update
|
NVD-CWE-noinfo
|
CVE-2016-5118
|
2024-11-20 05:24 |
2016-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
