|
3641
|
7.8 |
HIGH
Local
|
qualcomm
|
fastconnect_6900_firmware
fastconnect_7800_firmware
qam8295p_firmware
qca6574au_firmware
qca6696_firmware
qcm8550_firmware
qcs6490_firmware
qcs8550_firmware
video_collaboratio…
|
Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls,
|
CWE-787
Out-of-bounds Write
|
CVE-2024-33041
|
2025-01-11 02:15 |
2025-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3642
|
7.8 |
HIGH
Local
|
qualcomm
|
fastconnect_6900_firmware
fastconnect_7800_firmware
qam8295p_firmware
qca6574au_firmware
qca6696_firmware
qcm8550_firmware
qcs6490_firmware
qcs8550_firmware
video_collaboratio…
|
Memory corruption while invoking IOCTL calls to unmap the DMA buffers.
|
CWE-416
Use After Free
|
CVE-2024-33055
|
2025-01-11 02:01 |
2025-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3643
|
7.8 |
HIGH
Local
|
qualcomm
|
fastconnect_6900_firmware
fastconnect_7800_firmware
qcm8550_firmware
qcs8550_firmware
sg8275p_firmware
sm8550p_firmware
snapdragon_8_gen_2_mobile_firmware
snapdragon_8_gen_3_mobi…
|
Memory corruption while processing frame command IOCTL calls.
|
CWE-416
Use After Free
|
CVE-2024-33059
|
2025-01-11 01:53 |
2025-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3644
|
5.5 |
MEDIUM
Local
|
qualcomm
|
qcs8550_firmware
sw5100_firmware
sw5100p_firmware
wcn3660b_firmware
wcn3680b_firmware
wcn3980_firmware
wcn3988_firmware
wsa8830_firmware
wsa8835_firmware
|
Information disclosure while processing IOCTL call made for releasing a trusted VM process release or opening a channel without initializing the process.
|
CWE-125
Out-of-bounds Read
|
CVE-2024-33061
|
2025-01-11 01:49 |
2025-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3645
|
- |
|
-
|
-
|
WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the configuracao_doacao.php endpoint of the WeGIA application. This vulnerab…
|
CWE-79
Cross-site Scripting
|
CVE-2025-22600
|
2025-01-11 01:15 |
2025-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3646
|
- |
|
-
|
-
|
WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the home.php endpoint of the WeGIA application. This vulnerability allows at…
|
CWE-79
Cross-site Scripting
|
CVE-2025-22599
|
2025-01-11 01:15 |
2025-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3647
|
- |
|
-
|
-
|
WeGIA is a web manager for charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the cadastrarSocio.php endpoint of the WeGIA application. This vulnerability al…
|
CWE-79
Cross-site Scripting
|
CVE-2025-22598
|
2025-01-11 01:15 |
2025-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3648
|
- |
|
-
|
-
|
WeGIA is a web manager for charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the CobrancaController.php endpoint of the WeGIA application. This vulnerabilit…
|
CWE-79
Cross-site Scripting
|
CVE-2025-22597
|
2025-01-11 01:15 |
2025-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3649
|
- |
|
-
|
-
|
WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the modulos_visiveis.php endpoint of the WeGIA application. This vulnerabili…
|
CWE-79
Cross-site Scripting
|
CVE-2025-22596
|
2025-01-11 01:15 |
2025-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3650
|
- |
|
-
|
-
|
Atheos is a self-hosted browser-based cloud IDE. Prior to v600, the $path and $target parameters are not properly validated across multiple components, allowing an attacker to read, modify, or execut…
|
CWE-22
CWE-94
CWE-434
Path Traversal
Code Injection
Unrestricted Upload of File with Dangerous Type
|
CVE-2025-22152
|
2025-01-11 01:15 |
2025-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
