|
313551
|
5.5 |
MEDIUM
Local
|
irfanview
|
irfanview
|
An issue in the component EXR!ReadEXR+0x40ef1 of Irfanview v4.67.1.0 allows attackers to cause an access violation via a crafted EXR file. This vulnerability can lead to a Denial of Service (DoS).
|
NVD-CWE-Other
|
CVE-2024-44913
|
2024-08-31 01:01 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313552
|
9.8 |
CRITICAL
Network
|
totolink
|
a3002r_firmware
|
TOTOLINK AC1200 Wireless Router A3002R Firmware V1.1.1-B20200824 is vulnerable to Buffer Overflow. In the boa server program's CGI handling function formWlEncrypt, there is a lack of length restricti…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-34195
|
2024-08-31 00:59 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313553
|
6.1 |
MEDIUM
Network
|
jupyter
|
jupyterlab
notebook
|
jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. This vulnerability depends on user interaction by opening a malicious n…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43805
|
2024-08-31 00:56 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313554
|
8.0 |
HIGH
Network
|
lopalopa
|
music_management_system
|
A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System v1.0 via a crafted request to the /music/ajax.php?action=save_user page.
|
CWE-352
Origin Validation Error
|
CVE-2024-42793
|
2024-08-31 00:56 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313555
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-8193
|
2024-08-31 00:52 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313556
|
9.8 |
CRITICAL
Network
|
sportsnet
|
sportsnet
|
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially…
|
CWE-89
SQL Injection
|
CVE-2024-29723
|
2024-08-31 00:51 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313557
|
9.8 |
CRITICAL
Network
|
sportsnet
|
sportsnet
|
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially…
|
CWE-89
SQL Injection
|
CVE-2024-29726
|
2024-08-31 00:50 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313558
|
9.8 |
CRITICAL
Network
|
sportsnet
|
sportsnet
|
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially…
|
CWE-89
SQL Injection
|
CVE-2024-29725
|
2024-08-31 00:50 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313559
|
9.8 |
CRITICAL
Network
|
sportsnet
|
sportsnet
|
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially…
|
CWE-89
SQL Injection
|
CVE-2024-29724
|
2024-08-31 00:50 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313560
|
9.8 |
CRITICAL
Network
|
menulux
|
managment_portal
|
Improper Privilege Management vulnerability in Menulux Information Technologies Managment Portal allows Collect Data as Provided by Users.This issue affects Managment Portal: through 21.05.2024.
|
NVD-CWE-noinfo
|
CVE-2024-4428
|
2024-08-31 00:49 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
