Total
264749 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-22778 | 2024-08-01 | N/A | ||
HackMD CodiMD <2.5.2 is vulnerable to Denial of Service. | ||||
CVE-2024-22625 | 1 Campcodes | 1 Supplier Management System | 2024-08-01 | 7.2 High |
Complete Supplier Management System v1.0 is vulnerable to SQL Injection via /Supply_Management_System/admin/edit_category.php?id=. | ||||
CVE-2024-22734 | 2024-08-01 | 6.2 Medium | ||
An issue was discovered in AMCS Group Trux Waste Management Software before version 7.19.0018.26912, allows local attackers to obtain sensitive information via a static, hard-coded AES Key-IV pair in the TxUtilities.dll and TruxUser.cfg components. | ||||
CVE-2024-22749 | 1 Gpac | 1 Gpac | 2024-08-01 | 7.8 High |
GPAC v2.3 was detected to contain a buffer overflow via the function gf_isom_new_generic_sample_description function in the isomedia/isom_write.c:4577 | ||||
CVE-2024-22774 | 2024-08-01 | 7.8 High | ||
An issue in Panoramic Corporation Digital Imaging Software v.9.1.2.7600 allows a local attacker to escalate privileges via the ccsservice.exe component. | ||||
CVE-2024-22780 | 2024-08-01 | N/A | ||
Cross Site Scripting vulnerability in CA17 TeamsACS v.1.0.1 allows a remote attacker to execute arbitrary code via a crafted script to the errmsg parameter. | ||||
CVE-2024-22635 | 1 Webcalendar Project | 1 Webcalendar | 2024-08-01 | 6.1 Medium |
WebCalendar v1.3.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /WebCalendarvqsmnseug2/edit_entry.php. | ||||
CVE-2024-22795 | 1 Forescout | 1 Secureconnector | 2024-08-01 | 7.0 High |
Insecure Permissions vulnerability in Forescout SecureConnector v.11.3.06.0063 allows a local attacker to escalate privileges via the Recheck Compliance Status component. | ||||
CVE-2024-22548 | 1 Flycms Project | 1 Flycms | 2024-08-01 | 5.4 Medium |
FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the system website settings website name section. | ||||
CVE-2024-22636 | 1 Pluxml | 1 Pluxml | 2024-08-01 | 8.8 High |
PluXml Blog v5.8.9 was discovered to contain a remote code execution (RCE) vulnerability in the Static Pages feature. This vulnerability is exploited via injecting a crafted payload into the Content field. | ||||
CVE-2024-22807 | 2024-08-01 | 6.5 Medium | ||
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to erase a critical sector of the flash memory, causing the machine to lose network connectivity and suffer from firmware corruption. | ||||
CVE-2024-22721 | 2024-08-01 | N/A | ||
Cross Site Request Forgery (CSRF) vulnerability in Form Tools 3.1.1 allows attackers to manipulate sensitive user data via crafted link. | ||||
CVE-2024-22770 | 1 Hitron Systems | 2 Dvr Hvr-4781, Dvr Hvr-4781 Firmware | 2024-08-01 | 7.4 High |
Improper Input Validation in Hitron Systems DVR HVR-16781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW. | ||||
CVE-2024-22723 | 2024-08-01 | 4.9 Medium | ||
Webtrees 2.1.18 is vulnerable to Directory Traversal. By manipulating the "media_folder" parameter in the URL, an attacker (in this case, an administrator) can navigate beyond the intended directory (the 'media/' directory) to access sensitive files in other parts of the application's file system. | ||||
CVE-2024-22551 | 1 Ushainformatique | 1 Whatacart | 2024-08-01 | 6.1 Medium |
WhatACart v2.0.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /site/default/search. | ||||
CVE-2024-22667 | 1 Vim | 1 Vim | 2024-08-01 | 7.8 High |
Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions. | ||||
CVE-2024-22568 | 1 Flycms Project | 1 Flycms | 2024-08-01 | 8.8 High |
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/score/del. | ||||
CVE-2024-22549 | 1 Flycms Project | 1 Flycms | 2024-08-01 | 5.4 Medium |
FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the email settings of the website settings section. | ||||
CVE-2024-22768 | 1 Hitron Systems | 2 Dvr Hvr-4781, Dvr Hvr-4781 Firmware | 2024-08-01 | 7.4 High |
Improper Input Validation in Hitron Systems DVR HVR-4781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW. | ||||
CVE-2024-22725 | 1 Orthanc-server | 1 Orthanc | 2024-08-01 | 6.1 Medium |
Orthanc versions before 1.12.2 are affected by a reflected cross-site scripting (XSS) vulnerability. The vulnerability was present in the server's error reporting. |