|
304251
|
7.8 |
HIGH
Local
|
siemens
|
spectrum_power_7
|
A vulnerability has been identified in Spectrum Power 7 (All versions < V24Q3). The affected product contains several root-owned SUID binaries that could allow an authenticated local attacker to esca…
|
NVD-CWE-noinfo
|
CVE-2024-29119
|
2024-11-16 07:50 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304252
|
7.2 |
HIGH
Network
|
timgeyssens
|
ui-o-matic
|
A vulnerability has been found in TimGeyssens UIOMatic 5 and classified as critical. This vulnerability affects unknown code of the file /src/UIOMatic/wwwroot/backoffice/resources/uioMaticObject.r. T…
|
CWE-89
SQL Injection
|
CVE-2024-11124
|
2024-11-16 07:47 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304253
|
- |
|
-
|
-
|
Sercomm Model Etisalat Model S3- AC2100 is affected by Cross Site Scripting (XSS) via the firmware update page.
|
-
|
CVE-2021-27703
|
2024-11-16 07:35 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304254
|
- |
|
-
|
-
|
Sercomm Router Etisalat Model S3- AC2100 is affected by Incorrect Access Control via the diagnostic utility in the router dashboard.
|
-
|
CVE-2021-27702
|
2024-11-16 07:35 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304255
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
udf: fix uninit-value use in udf_get_fileshortad
Check for overflow when computing alen in udf_current_aext to mitigate
later uni…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-50143
|
2024-11-16 07:22 |
2024-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304256
|
- |
|
-
|
-
|
Bluetooth LE and BR/EDR Secure Connections pairing and Secure Simple Pairing using the Passkey entry protocol in Bluetooth Core Specifications 2.1 through 5.3 may permit an unauthenticated man-in-the…
|
-
|
CVE-2021-37577
|
2024-11-16 06:35 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304257
|
- |
|
-
|
-
|
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.This issue affects:
?Product
Affected Versions
LoadMaster
Fro…
|
CWE-20
Improper Input Validation
|
CVE-2024-8755
|
2024-11-16 06:15 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304258
|
5.5 |
MEDIUM
Local
|
cysoft168
|
super_easy_enterprise_management_system
|
An issue in Super easy enterprise management system v.1.0.0 and before allows a local attacker to obtain the server absolute path by entering a single quotation mark.
|
CWE-22
Path Traversal
|
CVE-2024-42680
|
2024-11-16 06:15 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304259
|
7.5 |
HIGH
Network
|
sunmochina
|
enterprise_management_system
|
Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise Management System v5.0 through v18.8 allows attackers to access sensitive information regarding the s…
|
NVD-CWE-Other
|
CVE-2024-44760
|
2024-11-16 05:15 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304260
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
octeon_ep: Add SKB allocation failures handling in __octep_oq_process_rx()
build_skb() returns NULL in case of a memory allocatio…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50145
|
2024-11-16 04:50 |
2024-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
