Total 264749 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-22778 2024-08-01 N/A
HackMD CodiMD <2.5.2 is vulnerable to Denial of Service.
CVE-2024-22625 1 Campcodes 1 Supplier Management System 2024-08-01 7.2 High
Complete Supplier Management System v1.0 is vulnerable to SQL Injection via /Supply_Management_System/admin/edit_category.php?id=.
CVE-2024-22734 2024-08-01 6.2 Medium
An issue in AMCS Group Trux Waste Management Software before version 7.19.0018.26912 allows local attackers to obtain sensitive information via a static, hard-coded AES Key-IV pair in the TxUtilities.dll and TruxUser.cfg components.
CVE-2024-22749 1 Gpac 1 Gpac 2024-08-01 7.8 High
GPAC v2.3 was detected to contain a buffer overflow via the gf_isom_new_generic_sample_description function in isomedia/isom_write.c:4577.
CVE-2024-22774 2024-08-01 7.8 High
An issue in Panoramic Corporation Digital Imaging Software v.9.1.2.7600 allows a local attacker to escalate privileges via the ccsservice.exe component.
CVE-2024-22780 2024-08-01 N/A
Cross Site Scripting vulnerability in CA17 TeamsACS v.1.0.1 allows a remote attacker to execute arbitrary code via a crafted script to the errmsg parameter.
CVE-2024-22635 1 Webcalendar Project 1 Webcalendar 2024-08-01 6.1 Medium
WebCalendar v1.3.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /WebCalendarvqsmnseug2/edit_entry.php.
CVE-2024-22795 1 Forescout 1 Secureconnector 2024-08-01 7.0 High
Insecure Permissions vulnerability in Forescout SecureConnector v.11.3.06.0063 allows a local attacker to escalate privileges via the Recheck Compliance Status component.
CVE-2024-22548 1 Flycms Project 1 Flycms 2024-08-01 5.4 Medium
FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the system website settings website name section.
CVE-2024-22636 1 Pluxml 1 Pluxml 2024-08-01 8.8 High
PluXml Blog v5.8.9 was discovered to contain a remote code execution (RCE) vulnerability in the Static Pages feature. This vulnerability is exploited via injecting a crafted payload into the Content field.
CVE-2024-22807 2024-08-01 6.5 Medium
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to erase a critical sector of the flash memory, causing the machine to lose network connectivity and suffer from firmware corruption.
CVE-2024-22721 2024-08-01 N/A
Cross Site Request Forgery (CSRF) vulnerability in Form Tools 3.1.1 allows attackers to manipulate sensitive user data via a crafted link.
CVE-2024-22770 1 Hitron Systems 2 Dvr Hvr-4781, Dvr Hvr-4781 Firmware 2024-08-01 7.4 High
Improper Input Validation in Hitron Systems DVR HVR-16781 1.03~4.02 allows an attacker to cause a network attack when the default admin ID/PW is in use.
CVE-2024-22723 2024-08-01 4.9 Medium
Webtrees 2.1.18 is vulnerable to Directory Traversal. By manipulating the "media_folder" parameter in the URL, an attacker (in this case, an administrator) can navigate beyond the intended directory (the 'media/' directory) to access sensitive files in other parts of the application's file system.
CVE-2024-22551 1 Ushainformatique 1 Whatacart 2024-08-01 6.1 Medium
WhatACart v2.0.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /site/default/search.
CVE-2024-22667 1 Vim 1 Vim 2024-08-01 7.8 High
Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions.
CVE-2024-22568 1 Flycms Project 1 Flycms 2024-08-01 8.8 High
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/score/del.
CVE-2024-22549 1 Flycms Project 1 Flycms 2024-08-01 5.4 Medium
FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the email settings of the website settings section.
CVE-2024-22768 1 Hitron Systems 2 Dvr Hvr-4781, Dvr Hvr-4781 Firmware 2024-08-01 7.4 High
Improper Input Validation in Hitron Systems DVR HVR-4781 1.03~4.02 allows an attacker to cause a network attack when the default admin ID/PW is in use.
CVE-2024-22725 1 Orthanc-server 1 Orthanc 2024-08-01 6.1 Medium
Orthanc versions before 1.12.2 are affected by a reflected cross-site scripting (XSS) vulnerability. The vulnerability was present in the server's error reporting.