|
314711
|
7.5 |
HIGH
Network
|
qualcomm
|
ar8035_firmware
csr8811_firmware
fastconnect_6700_firmware
fastconnect_6900_firmware
fastconnect_7800_firmware
flight_rb5_5g_firmware
immersive_home_214_firmware
immersive_home_2…
|
Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location.
|
CWE-125
Out-of-bounds Read
|
CVE-2024-33057
|
2024-09-5 02:06 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314712
|
7.8 |
HIGH
Local
|
qualcomm
|
ar8035_firmware
c-v2x_9150_firmware
fastconnect_7800_firmware
qca6574a_firmware
qca6584au_firmware
qca6595au_firmware
qca6696_firmware
qca6698aq_firmware
qca8081_firmware
q…
|
Memory corruption while processing concurrent IOCTL calls.
|
CWE-416
Use After Free
|
CVE-2024-38401
|
2024-09-5 02:05 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314713
|
4.3 |
MEDIUM
Network
|
mattermost
|
mattermost_server
|
Mattermost versions 9.9.x <= 9.9.0, 9.5.x <= 9.5.6, 9.7.x <= 9.7.5 and 9.8.x <= 9.8.1 fail to disallow the modification of local channels by a remote, when shared channels are enabled, which allows a…
|
NVD-CWE-noinfo
|
CVE-2024-41162
|
2024-09-5 02:03 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314714
|
7.8 |
HIGH
Local
|
openatom
|
openharmony
|
in OpenHarmony v4.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write.
|
CWE-787
Out-of-bounds Write
|
CVE-2024-38386
|
2024-09-5 01:56 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314715
|
4.3 |
MEDIUM
Network
|
mattermost
|
mattermost_server
|
Mattermost versions 9.9.x <= 9.9.0 and 9.5.x <= 9.5.6 fail to validate the source of sync messages and only allow the correct remote IDs, which allows a malicious remote to set arbitrary RemoteId val…
|
CWE-346
Origin Validation Error
|
CVE-2024-41926
|
2024-09-5 01:55 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314716
|
6.5 |
MEDIUM
Network
|
misp
|
misp
|
In MISP through 2.4.196, app/Controller/BookmarksController.php does not properly restrict access to bookmarks data in the case where the user is not an org admin.
|
CWE-863
Incorrect Authorization
|
CVE-2024-45509
|
2024-09-5 01:45 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314717
|
9.8 |
CRITICAL
Network
|
htmldoc_project
|
htmldoc
|
HTMLDOC before 1.9.19 has an out-of-bounds write in parse_paragraph in ps-pdf.cxx because of an attempt to strip leading whitespace from a whitespace-only node.
|
CWE-787
Out-of-bounds Write
|
CVE-2024-45508
|
2024-09-5 01:44 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314718
|
9.8 |
CRITICAL
Network
|
oretnom23
|
computer_laboratory_management_system
|
A vulnerability, which was classified as critical, has been found in SourceCodester Computer Laboratory Management System 1.0. Affected by this issue is the function delete_category of the file /clas…
|
CWE-89
SQL Injection
|
CVE-2024-8348
|
2024-09-5 01:43 |
2024-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314719
|
9.8 |
CRITICAL
Network
|
oretnom23
|
computer_laboratory_management_system
|
A vulnerability classified as critical was found in SourceCodester Computer Laboratory Management System 1.0. Affected by this vulnerability is the function delete_record of the file /classes/Master.…
|
CWE-89
SQL Injection
|
CVE-2024-8347
|
2024-09-5 01:42 |
2024-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314720
|
6.1 |
MEDIUM
Network
|
tpmecms
|
tpmecms
|
TpMeCMS 1.3.3.2 is vulnerable to Cross Site Scripting (XSS) in /h.php/page?ref=addtabs via the "Title," "Images," and "Content" fields.
|
CWE-79
Cross-site Scripting
|
CVE-2024-44684
|
2024-09-5 01:42 |
2024-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
