|
304971
|
- |
|
-
|
-
|
A vulnerability, which was classified as critical, has been found in ???????????? Lingdang CRM up to 8.6.4.3. Affected by this issue is some unknown functionality of the file /crm/wechatSession/index…
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-11122
|
2024-11-13 01:15 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304972
|
- |
|
-
|
-
|
A vulnerability classified as critical was found in ???????????? Lingdang CRM up to 8.6.4.3. Affected by this vulnerability is an unknown functionality of the file /crm/WeiXinApp/marketing/index.php?…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2024-11121
|
2024-11-13 01:15 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304973
|
- |
|
-
|
-
|
A vulnerability classified as critical has been found in Jinher Network Collaborative Management Platform ??????????? 1.0. Affected is an unknown function of the file /C6/JHSoft.Web.AcceptAip/AcceptS…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2024-11060
|
2024-11-13 01:15 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304974
|
7.1 |
HIGH
Local
|
samsung
|
android
|
Improper input validation in Settings Suggestions prior to SMR Nov-2024 Release 1 allows local attackers to launch privileged activities.
|
NVD-CWE-noinfo
|
CVE-2024-49401
|
2024-11-13 01:10 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304975
|
7.1 |
HIGH
Local
|
samsung
|
android
|
Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to access files with phone privilege.
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-34679
|
2024-11-13 01:09 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304976
|
4.6 |
MEDIUM
Physics
|
samsung
|
android
|
Improper access control in Dex Mode prior to SMR Nov-2024 Release 1 allows physical attackers to temporarily access to unlocked screen.
|
NVD-CWE-noinfo
|
CVE-2024-34675
|
2024-11-13 01:08 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304977
|
4.6 |
MEDIUM
Physics
|
samsung
|
android
|
Improper access control in Contacts prior to SMR Nov-2024 Release 1 allows physical attackers to access data across multiple user profiles.
|
NVD-CWE-noinfo
|
CVE-2024-34674
|
2024-11-13 01:08 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304978
|
3.3 |
LOW
Local
|
samsung
|
android
|
Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate.
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2024-34677
|
2024-11-13 01:07 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304979
|
5.5 |
MEDIUM
Local
|
samsung
|
android
|
Use of implicit intent for sensitive communication in WlanTest prior to SMR Nov-2024 Release 1 allows local attackers to get sensitive information.
|
NVD-CWE-Other
|
CVE-2024-34680
|
2024-11-13 01:04 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304980
|
- |
|
-
|
-
|
The NVMe driver queue processing is vulernable to guest-induced infinite loops.
|
-
|
CVE-2024-51566
|
2024-11-13 00:48 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
