|
308851
|
6.1 |
MEDIUM
Network
|
advantech
|
adam_5550-firmware
|
Advantech ADAM 5550's web application includes a "logs" page where all
the HTTP requests received are displayed to the user. The device doesn't
correctly neutralize malicious code when parsing HTTP…
|
CWE-79
Cross-site Scripting
|
CVE-2024-38308
|
2024-10-8 00:24 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308852
|
5.7 |
MEDIUM
Adjacent
|
advantech
|
adam-5630_firmware
|
Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during the login process.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2024-34542
|
2024-10-8 00:20 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308853
|
5.7 |
MEDIUM
Adjacent
|
advantech
|
adam-5550_firmware
|
Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64 encoding.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2024-37187
|
2024-10-8 00:17 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308854
|
6.1 |
MEDIUM
Network
|
flatpress
|
flatpress
|
A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email field.
|
CWE-79
Cross-site Scripting
|
CVE-2024-25412
|
2024-10-8 00:04 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308855
|
7.5 |
HIGH
Network
|
nasa
|
cryptolib
|
NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TM subsystem (crypto_tm.c).
|
CWE-125
Out-of-bounds Read
|
CVE-2024-44912
|
2024-10-8 00:00 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308856
|
7.5 |
HIGH
Network
|
nasa
|
cryptolib
|
NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TC subsystem (crypto_aos.c).
|
CWE-125
Out-of-bounds Read
|
CVE-2024-44911
|
2024-10-8 00:00 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308857
|
7.5 |
HIGH
Network
|
nasa
|
cryptolib
|
NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the AOS subsystem (crypto_aos.c).
|
CWE-125
Out-of-bounds Read
|
CVE-2024-44910
|
2024-10-7 23:27 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308858
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box
[Why]
Coverity reports OVERRUN warning. soc.n…
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-46811
|
2024-10-7 23:24 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308859
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: added NULL check at start of dc_validate_stream
[Why]
prevent invalid memory access
[How]
check if dc and strea…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46802
|
2024-10-7 23:21 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308860
|
7.5 |
HIGH
Network
|
ays-pro
|
chatgpt_assistant
|
The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 lacks sufficient access controls allowing an unauthenticated user to disconnect the AI ChatBot with ChatGPT and …
|
NVD-CWE-noinfo
|
CVE-2024-7714
|
2024-10-7 23:21 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
