Total
277647 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-8993 | 2024-12-26 | 6.2 Medium | ||
| Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. | ||||
| CVE-2024-8992 | 2024-12-26 | 4 Medium | ||
| Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. | ||||
| CVE-2024-47156 | 2024-12-26 | 3.3 Low | ||
| Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. | ||||
| CVE-2024-47151 | 2024-12-26 | 6.3 Medium | ||
| Some Honor products are affected by file writing vulnerability, successful exploitation could cause code execution | ||||
| CVE-2024-47150 | 2024-12-26 | 3.3 Low | ||
| Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. | ||||
| CVE-2024-47149 | 2024-12-26 | 3.3 Low | ||
| Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions. | ||||
| CVE-2024-47148 | 2024-12-26 | 4 Medium | ||
| Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions. | ||||
| CVE-2024-12950 | 2024-12-26 | 6.3 Medium | ||
| A vulnerability was found in code-projects Travel Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /subcat.php. The manipulation of the argument catid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-12948 | 2024-12-26 | 6.3 Medium | ||
| A vulnerability was found in code-projects Travel Management System 1.0. It has been classified as critical. This affects an unknown part of the file /detail.php. The manipulation of the argument pid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-12947 | 2024-12-26 | 6.3 Medium | ||
| A vulnerability was found in Codezips Hospital Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /invo.php. The manipulation of the argument dname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | ||||
| CVE-2024-12946 | 2024-12-26 | 7.3 High | ||
| A vulnerability, which was classified as critical, has been found in 1000 Projects Attendance Tracking Management System 1.0. This issue affects some unknown processing of the file /admin/admin_action.php. The manipulation of the argument admin_user_name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-12945 | 2024-12-26 | 7.3 High | ||
| A vulnerability classified as critical was found in code-projects Simple Car Rental System 1.0. This vulnerability affects unknown code of the file /account.php. The manipulation of the argument email/pass leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-12937 | 2024-12-26 | 6.3 Medium | ||
| A vulnerability, which was classified as critical, was found in code-projects Simple Admin Panel 1.0. Affected is an unknown function of the file addVariationController.php. The manipulation of the argument qty leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-12936 | 2024-12-26 | 6.3 Medium | ||
| A vulnerability, which was classified as critical, has been found in code-projects Simple Admin Panel 1.0. This issue affects some unknown processing of the file catDeleteController.php. The manipulation of the argument record leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2023-7300 | 2024-12-26 | 8 High | ||
| Huawei Home Music System has a path traversal vulnerability. Successful exploitation of this vulnerability may cause the music host file to be deleted or the file permission to be changed.(Vulnerability ID:HWPSIRT-2023-60613) | ||||
| CVE-2024-5498 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-12-26 | 5.4 Medium |
| Use after free in Presentation API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-5497 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-12-26 | 8.8 High |
| Out of bounds memory access in Browser UI in Google Chrome prior to 125.0.6422.141 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-5496 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-12-26 | 8.8 High |
| Use after free in Media Session in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-5495 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Windows | 2024-12-26 | 8.8 High |
| Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-5494 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Windows | 2024-12-26 | 8.8 High |
| Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||