Total 277606 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-8174 2 Blood Bank System Project, Code-projects 2 Blood Bank System, Blood Bank System 2024-08-27 4.3 Medium
A vulnerability has been found in code-projects Blood Bank System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login.php of the component Login Page. The manipulation of the argument user leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-44557 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-08-27 8 High
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function setIptvInfo.
CVE-2024-44555 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-08-27 9.8 Critical
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function setIptvInfo.
CVE-2024-44553 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-08-27 8.8 High
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formGetIptv.
CVE-2024-44552 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-08-27 6.6 Medium
Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formGetIptv.
CVE-2024-44550 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-08-27 8.8 High
Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formGetIptv.
CVE-2024-44549 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-08-27 6.6 Medium
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formGetIptv.
CVE-2024-44558 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-08-27 8.8 High
Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function setIptvInfo.
CVE-2024-44556 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-08-27 6.6 Medium
Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function setIptvInfo.
CVE-2024-44565 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-08-27 8 High
Tenda AX1806 v1.0.0.1 contains a stack overflow via the serverName parameter in the function form_fast_setting_internet_set.
CVE-2024-44563 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-08-27 8 High
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function setIptvInfo.
CVE-2024-20417 1 Cisco 1 Identity Services Engine Software 2024-08-27 6.5 Medium
Multiple vulnerabilities in the REST API of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct blind SQL injection attacks. These vulnerabilities are due to insufficient validation of user-supplied input in REST API calls. An attacker could exploit these vulnerabilities by sending crafted input to an affected device. A successful exploit could allow the attacker to view or modify data on the affected device.
CVE-2024-7968 1 Google 1 Chrome 2024-08-27 8.8 High
Use after free in Autofill in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-7967 1 Google 1 Chrome 2024-08-27 8.8 High
Heap buffer overflow in Fonts in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-7966 1 Google 1 Chrome 2024-08-27 8.8 High
Out of bounds memory access in Skia in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had compromised the renderer process to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
CVE-2024-7964 1 Google 2 Android, Chrome 2024-08-27 8.8 High
Use after free in Passwords in Google Chrome on Android prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-36517 2 Manageengine, Zohocorp 2 Adaudit Plus, Manageengine Adaudit Plus 2024-08-27 8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in alerts module.
CVE-2024-36516 2 Manageengine, Zohocorp 2 Adaudit Plus, Manageengine Adaudit Plus 2024-08-27 8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability (CVE-2024-36515), both of which have affected ADAudit Plus' dashboard.
CVE-2024-36514 2 Manageengine, Zohocorp 2 Adaudit Plus, Manageengine Adaudit Plus 2024-08-27 8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in file summary option.
CVE-2024-36515 2 Manageengine, Zohocorp 2 Adaudit Plus, Manageengine Adaudit Plus 2024-08-27 8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability (CVE-2024-36516), both of which have affected ADAudit Plus' dashboard.