| 312261 | 6.5 MEDIUM | Network | qnap | qts, quts_hero | A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to launch a denial-of-service (DoS) atta… | CWE-476 NULL Pointer Dereference | CVE-2023-51368 | 2024-09-11 22:33 | 2024-09-7 |
| 312262 | 6.5 MEDIUM | Network | qnap | qts, quts_hero | A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expos… | CWE-22 Path Traversal | CVE-2023-51366 | 2024-09-11 22:32 | 2024-09-7 |
| 312263 | 4.8 MEDIUM | Network | qnap | qts, quts_hero | A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to inject malic… | CWE-79 Cross-site Scripting | CVE-2023-50366 | 2024-09-11 22:31 | 2024-09-7 |
| 312264 | 8.8 HIGH | Network | qnap | qts, quts_hero | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a … | CWE-120 Classic Buffer Overflow, CWE-121 Stack-based Buffer Overflow | CVE-2023-51367 | 2024-09-11 22:27 | 2024-09-7 |
| 312265 | 6.5 MEDIUM | Network | zoom | workplace, workplace_desktop, workplace_virtual_desktop_infrastructure, rooms | Protection mechanism failure for some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct information disclosure via network access. | CWE-522 Insufficiently Protected Credentials | CVE-2024-39818 | 2024-09-11 22:27 | 2024-08-15 |
| 312266 | 6.5 MEDIUM | Network | terminalfour | terminalfour | A Server-Side Request Forgery (SSRF) vulnerability in Terminalfour before 8.3.19 allows authenticated users to use specific features to access internal services including sensitive information on the… | CWE-918 Server-Side Request Forgery (SSRF) | CVE-2024-22217 | 2024-09-11 22:19 | 2024-08-16 |
| 312267 | 5.4 MEDIUM | Network | yogeshojha | rengine | reNgine is an automated reconnaissance framework for web applications. Versions 2.1.2 and prior are susceptible to Stored Cross-Site Scripting (XSS) attacks. This vulnerability occurs when scanning a… | CWE-79 Cross-site Scripting | CVE-2024-43381 | 2024-09-11 22:02 | 2024-08-17 |
| 312268 | 9.8 CRITICAL | Network | h3c | magic_b1st_firmware | H3C Magic B1ST v100R012 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. | CWE-798 Use of Hard-coded Credentials | CVE-2024-42638 | 2024-09-11 21:53 | 2024-08-17 |
| 312269 | 7.5 HIGH | Network | google | android | In sdpu_compare_uuid_with_attr of sdp_utils.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution pri… | CWE-120 Classic Buffer Overflow | CVE-2024-34727 | 2024-09-11 21:43 | 2024-08-16 |
| 312270 | 8.2 HIGH | Network | xpdfreader | xpdf | In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read fro… | CWE-908 Use of Uninitialized Resource | CVE-2024-7868 | 2024-09-11 21:40 | 2024-08-16 |