|
311981
|
5.5 |
MEDIUM
Local
|
huawei
|
emui
harmonyos
|
LaunchAnywhere vulnerability in the account module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
|
NVD-CWE-noinfo
|
CVE-2024-42034
|
2024-09-12 03:55 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311982
|
7.8 |
HIGH
Local
|
huawei
|
harmonyos
emui
|
Permission control vulnerability in the App Multiplier module
Impact:Successful exploitation of this vulnerability may affect functionality and confidentiality.
|
NVD-CWE-noinfo
|
CVE-2024-42035
|
2024-09-12 03:52 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311983
|
8.8 |
HIGH
Network
|
pharmacy_management_system_project
|
pharmacy_management_system
|
A vulnerability was found in code-projects Pharmacy Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /index.php?action=editPharmacist. The mani…
|
CWE-89
SQL Injection
|
CVE-2024-8147
|
2024-09-12 03:37 |
2024-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311984
|
5.5 |
MEDIUM
Local
|
logitech
|
options\+
|
Logitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within Options+ runtime and abuse permissions granted by the user to Options+ such as Camera.
|
CWE-863
Incorrect Authorization
|
CVE-2024-8011
|
2024-09-12 03:15 |
2024-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311985
|
5.3 |
MEDIUM
Network
|
purevpn
|
purevpn
|
PureVPN Linux client 2.0.2-Productions fails to properly handle DNS queries, allowing them to bypass the VPN tunnel and be sent directly to the ISP or default DNS servers.
|
NVD-CWE-noinfo
|
CVE-2023-48957
|
2024-09-12 03:07 |
2024-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311986
|
5.4 |
MEDIUM
Network
|
sap
|
netweaver_application_server_abap
|
SAP NetWeaver Application Server ABAP allows
an unauthenticated attacker to craft a URL link that could bypass allowlist
controls. Depending on the web applications provided by this server, the
…
|
NVD-CWE-noinfo
|
CVE-2024-41732
|
2024-09-12 02:52 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311987
|
4.3 |
MEDIUM
Network
|
sap
|
business_objects_business_intelligence_platform
|
SAP BusinessObjects Business Intelligence
Platform allows an authenticated attacker to upload malicious code over the
network, that could be executed by the application. On successful exploitation,
t…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-41731
|
2024-09-12 02:48 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311988
|
5.4 |
MEDIUM
Network
|
wpeka
|
wp_adcenter
|
The WP AdCenter – Ad Manager & Adsense Ads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ad_alignment’ attribute in all versions up to, and including, 2.5.6 due to insuff…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8317
|
2024-09-12 02:46 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311989
|
4.3 |
MEDIUM
Network
|
wpshuffle
|
frontend_post_submission_manager
|
The Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_glo…
|
CWE-862
Missing Authorization
|
CVE-2024-8427
|
2024-09-12 02:41 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311990
|
8.8 |
HIGH
Network
|
nvidia
|
mlnx-os
mlnx-gw
onyx
nvda-os_xc
|
NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in the LDAP AAA component, where a user can cause improper access. A successful exploit of this vulnerability might …
|
NVD-CWE-Other
|
CVE-2024-0104
|
2024-09-12 02:40 |
2024-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
