|
251671
|
- |
|
-
|
-
|
A vulnerability was found in didi Super-Jacoco 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /cov/triggerEnvCov. The manipulation of the argument uuid lea…
|
CWE-77
Command Injection
|
CVE-2024-10435
|
2024-10-28 10:15 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251672
|
- |
|
-
|
-
|
The Easy Table of Contents WordPress plugin before 2.0.68 does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks.
|
-
|
CVE-2024-7082
|
2024-10-28 02:35 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251673
|
6.1 |
MEDIUM
Network
|
elecom
|
wab-s1167-ps_firmware
wab-i1750-ps_firmware
|
Cross-site scripting vulnerability exists in WAB-I1750-PS and WAB-S1167-PS due to improper processing of input values in menu.cgi. If a user views a malicious web page while logged in to the product,…
|
CWE-79
Cross-site Scripting
|
CVE-2024-42412
|
2024-10-28 01:35 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251674
|
5.4 |
MEDIUM
Network
|
veeam
|
one
|
A Cross-site-scripting (XSS) vulnerability exists in the Reporter Widgets that allows HTML injection.
|
CWE-79
Cross-site Scripting
|
CVE-2024-42020
|
2024-10-28 00:35 |
2024-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251675
|
6.1 |
MEDIUM
Network
|
smseagle
|
smseagle
|
A stored Cross-Site Scripting (XSS) vulnerability has been identified in SMSEagle software version < 6.0. The vulnerability arises because the application did not properly sanitize user input in the …
|
CWE-79
Cross-site Scripting
|
CVE-2024-37392
|
2024-10-27 23:35 |
2024-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251676
|
4.4 |
MEDIUM
Local
|
google
|
android
|
In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed …
|
CWE-125
Out-of-bounds Read
|
CVE-2024-20097
|
2024-10-27 12:35 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251677
|
4.4 |
MEDIUM
Local
|
google
|
android
|
In m4u, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed f…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-20096
|
2024-10-27 12:35 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251678
|
4.4 |
MEDIUM
Local
|
google
|
android
|
In m4u, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed f…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-20095
|
2024-10-27 12:35 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251679
|
4.4 |
MEDIUM
Local
|
google
|
android
|
In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed …
|
CWE-125
Out-of-bounds Read
|
CVE-2024-20093
|
2024-10-27 12:35 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251680
|
4.4 |
MEDIUM
Local
|
google
|
android
|
In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed …
|
CWE-125
Out-of-bounds Read
|
CVE-2024-20091
|
2024-10-27 12:35 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
