|
305841
|
9.8 |
CRITICAL
Network
|
totolink
|
n350rt_firmware
|
Incorrect access control in TOTOLINK N350RT V9.3.5u.6139_B20201216 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to /cgi…
|
NVD-CWE-noinfo
|
CVE-2024-42966
|
2024-10-25 05:35 |
2024-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305842
|
- |
|
-
|
-
|
Micro-Star International Z-series motherboards (Z590, Z490, and Z790) and B-series motherboards (B760, B560, B660, and B460) with firmware 7D25v14, 7D25v17 to 7D25v19, and 7D25v1A to 7D25v1H was disc…
|
-
|
CVE-2024-36877
|
2024-10-25 05:35 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305843
|
- |
|
-
|
-
|
In certain Sonos products before S1 Release 11.12 and S2 release 15.9, the mt_7615.ko wireless driver does not properly validate an information element during negotiation of a WPA2 four-way handshake…
|
-
|
CVE-2023-50809
|
2024-10-25 05:35 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305844
|
5.3 |
MEDIUM
Network
|
lopalopa
|
responsive_school_management_system
|
An Incorrect Access Control vulnerability was found in /smsa/view_students.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view STUDENT d…
|
NVD-CWE-Other
|
CVE-2024-41250
|
2024-10-25 05:35 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305845
|
6.5 |
MEDIUM
Network
|
lopalopa
|
responsive_school_management_system
|
An Incorrect Access Control vulnerability was found in /smsa/admin_teacher_register_approval.php and /smsa/admin_teacher_register_approval_submit.php in Kashipara Responsive School Management System …
|
NVD-CWE-Other
|
CVE-2024-41251
|
2024-10-25 05:35 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305846
|
9.8 |
CRITICAL
Network
|
ivanti
|
endpoint_manager_mobile
|
An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1 allows an unauthorized attacker within the network to execute arbitrary commands on the underlying operating sys…
|
CWE-287
Improper Authentication
|
CVE-2024-36130
|
2024-10-25 05:35 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305847
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Inappropriate implementation in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7535
|
2024-10-25 05:35 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305848
|
- |
|
-
|
-
|
A mass assignment vulnerability exists in Pantera CRM versions 401.152 and 402.072. This flaw allows authenticated users to modify any user attribute, including roles, by injecting additional paramet…
|
-
|
CVE-2024-40531
|
2024-10-25 05:35 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305849
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: send: fix buffer overflow detection when copying path to cache entry
Starting with commit c0247d289e73 ("btrfs: send: anno…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-49869
|
2024-10-25 05:28 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305850
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
i3c: master: svc: Fix use after free vulnerability in svc_i3c_master Driver Due to Race Condition
In the svc_i3c_master_probe fun…
|
CWE-416
Use After Free
|
CVE-2024-49874
|
2024-10-25 05:27 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
