|
312401
|
9.8 |
CRITICAL
Network
|
tenda
|
fh1206_firmware
|
A vulnerability was found in Tenda FH1206 1.2.0.8. It has been declared as critical. Affected by this vulnerability is the function fromSafeClientFilter/fromSafeMacFilter/fromSafeUrlFilter. The manip…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7615
|
2024-08-22 03:48 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312402
|
9.8 |
CRITICAL
Network
|
tenda
|
fh1206_firmware
|
A vulnerability was found in Tenda FH1206 1.2.0.8(8155). It has been classified as critical. Affected is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument p…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7614
|
2024-08-22 03:48 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312403
|
9.8 |
CRITICAL
Network
|
tenda
|
fh1206_firmware
|
A vulnerability was found in Tenda FH1206 1.2.0.8(8155) and classified as critical. This issue affects the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer. The manipulation of the argume…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7613
|
2024-08-22 03:47 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312404
|
- |
|
-
|
-
|
An issue in the downloader.php component of TOSEI online store management system v4.02, v4.03, and v4.04 allows attackers to execute a directory traversal.
|
-
|
CVE-2024-43022
|
2024-08-22 03:35 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312405
|
8.8 |
HIGH
Network
|
pligg
|
pligg_cms
|
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/submit_page.php.
|
CWE-352
Origin Validation Error
|
CVE-2024-42608
|
2024-08-22 03:35 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312406
|
8.8 |
HIGH
Network
|
siamonhasan
|
warehouse_inventory_system
|
A Cross-Site Request Forgery (CSRF) in the component add_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.
|
CWE-352
Origin Validation Error
|
CVE-2024-42579
|
2024-08-22 03:35 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312407
|
- |
|
-
|
-
|
In venc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not neede…
|
-
|
CVE-2024-20083
|
2024-08-22 03:35 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312408
|
8.8 |
HIGH
Network
|
ivanti
|
endpoint_manager_mobile
|
An insecure deserialization vulnerability in web component of EPMM prior to 12.1.0.1 allows an authenticated remote attacker to execute arbitrary commands on the underlying operating system of the ap…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-36131
|
2024-08-22 03:35 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312409
|
9.6 |
CRITICAL
Network
|
koha
|
koha
|
Cross Site Scripting vulnerability in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via the additonal-contents.pl component.
|
CWE-79
Cross-site Scripting
|
CVE-2024-28740
|
2024-08-22 03:35 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312410
|
- |
|
-
|
-
|
Multiple authenticated operating system (OS) command injection vulnerabilities exist in Firewalla Box Software
versions before 1.979. A physically close
attacker that is authenticated to the Blueto…
|
-
|
CVE-2024-40893
|
2024-08-22 03:15 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
