|
305521
|
8.8 |
HIGH
Network
|
fabianros
|
blood_bank_management_system
|
A vulnerability was found in code-projects Blood Bank Management 1.0 and classified as critical. This issue affects some unknown processing of the file /file/accept.php. The manipulation of the argum…
|
CWE-89
SQL Injection
|
CVE-2024-10409
|
2024-10-30 05:42 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305522
|
7.2 |
HIGH
Network
|
janobe
|
online_hotel_reservation_system
|
A vulnerability classified as critical was found in SourceCodester Online Hotel Reservation System 1.0. Affected by this vulnerability is the function upload of the file /admin/mod_room/controller.ph…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-10410
|
2024-10-30 05:41 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305523
|
5.4 |
MEDIUM
Network
|
poco-z
|
guns-medial
|
A vulnerability was found in Poco-z Guns-Medical 1.0. It has been declared as problematic. Affected by this vulnerability is the function upload of the file /mgr/upload of the component File Upload. …
|
CWE-79
Cross-site Scripting
|
CVE-2024-10412
|
2024-10-30 05:40 |
2024-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305524
|
- |
|
-
|
-
|
An issue in Total.js CMS v.1.0 allows a remote attacker to execute arbitrary code via the func.js file.
|
-
|
CVE-2024-48655
|
2024-10-30 05:35 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305525
|
- |
|
-
|
-
|
A command execution vulnerability exists in the AX2 Pro home router produced by Shenzhen Tenda Technology Co., Ltd. (Jixiang Tenda) v.DI_7003G-19.12.24A1V16.03.29.50;V16.03.29.50;V16.03.29.50. An att…
|
-
|
CVE-2024-48459
|
2024-10-30 05:35 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305526
|
- |
|
-
|
-
|
A segmentation fault (SEGV) was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz testing with AddressSanitizer. The crash occurred due to a read access to an inv…
|
-
|
CVE-2024-48426
|
2024-10-30 05:35 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305527
|
- |
|
-
|
-
|
Insecure handling of ssh keys used to bootstrap clients allows local attackers to potentially gain access to the keys
|
-
|
CVE-2023-32189
|
2024-10-30 05:35 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305528
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient policy enforcement in Data Transfer in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via…
|
NVD-CWE-noinfo
|
CVE-2024-7978
|
2024-10-30 05:35 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305529
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discreti…
|
NVD-CWE-noinfo
|
CVE-2024-7004
|
2024-10-30 05:35 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305530
|
6.5 |
MEDIUM
Network
|
mozilla
|
firefox
firefox_esr
thunderbird
|
Select options could obscure the fullscreen notification dialog. This could be used by a malicious site to perform a spoofing attack. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, an…
|
NVD-CWE-noinfo
|
CVE-2024-7518
|
2024-10-30 05:35 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
