Total
277677 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-44807 | 1 D-zero | 2 Burgereditor, Burgereditor Limited Edition | 2024-10-15 | 5.3 Medium |
| A directory listing issue in the baserCMS plugin in D-ZERO CO., LTD. BurgerEditor and BurgerEditor Limited Edition before 2.25.1 allows remote attackers to obtain sensitive information by exposing a list of the uploaded files. | ||||
| CVE-2024-44415 | 1 Dlink | 1 Di-8200 Firmware | 2024-10-15 | 6.5 Medium |
| A vulnerability was discovered in DI_8200-16.07.26A1, There is a buffer overflow in the dbsrv_asp function; The strcpy function is executed without checking the length of the string, leading to a buffer overflow. | ||||
| CVE-2024-44413 | 1 Dlink | 1 Di-8200 Firmware | 2024-10-15 | 8.8 High |
| A vulnerability was discovered in DI_8200-16.07.26A1, which has been classified as critical. This issue affects the upgrade_filter_asp function in the upgrade_filter.asp file. Manipulation of the path parameter can lead to command injection. | ||||
| CVE-2024-41858 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2024-10-15 | 7.8 High |
| InCopy versions 18.5.2, 19.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-48776 | 1 Shelly | 1 Home Firmware | 2024-10-15 | 7.5 High |
| An issue in Shelly com.home.shelly 1.0.4 allows a remote attacker to obtain sensitive information via the firmware update process | ||||
| CVE-2024-48775 | 1 Starvedia | 1 Ezset Firmware | 2024-10-15 | 7.5 High |
| An issue in Plug n Play Camera com.ezset.delaney 1.2.0 allows a remote attacker to obtain sensitive information via the firmware update process. | ||||
| CVE-2024-48773 | 1 Wo-smart | 1 Morepro Firmware | 2024-10-15 | 7.5 High |
| An issue in WoFit v.7.2.3 allows a remote attacker to obtain sensitive information via the firmware update process | ||||
| CVE-2024-48788 | 1 Yescam | 1 Yescam Firmware | 2024-10-15 | 7.5 High |
| An issue in YESCAM (com.yescom.YesCam.zwave) 1.0.2 allows a remote attacker to obtain sensitive information via the firmware update process. | ||||
| CVE-2024-48787 | 1 Revic Optics | 1 Revic Ops Firmware | 2024-10-15 | 9.1 Critical |
| An issue in Revic Optics Revic Ops (us.revic.revicops) 1.12.5 allows a remote attacker to obtain sensitive information via the firmware update process. | ||||
| CVE-2024-48786 | 1 Switchbot | 1 Switchbot Firmware | 2024-10-15 | 9.1 Critical |
| An issue in SWITCHBOT INC SwitchBot (com.theswitchbot.switchbot) 5.0.4 allows a remote attacker to obtain sensitive information via the firmware update process. | ||||
| CVE-2024-48784 | 1 Sampmax | 1 Sampmax Firmware | 2024-10-15 | 9.8 Critical |
| An Incorrect Access Control issue in SAMPMAX com.sampmax.homemax 2.1.2.7 allows a remote attacker to obtain sensitive information via the firmware update process. | ||||
| CVE-2024-48778 | 1 Giant Manufacturing | 1 Ridelink Firmware | 2024-10-15 | 9.1 Critical |
| An issue in GIANT MANUFACTURING CO., LTD RideLink (tw.giant.ridelink) 2.0.7 allows a remote attacker to obtain sensitive information via the firmware update process. | ||||
| CVE-2024-48777 | 1 Ledvance | 1 Smartplus Firmware | 2024-10-15 | 7.5 High |
| LEDVANCE com.ledvance.smartplus.eu 2.1.10 allows a remote attacker to obtain sensitive information via the firmware update process. | ||||
| CVE-2024-48772 | 1 C-chip | 1 C-chip Firmware | 2024-10-15 | 9.1 Critical |
| An issue in C-CHIP (com.cchip.cchipamaota) v.1.2.8 allows a remote attacker to obtain sensitive information via the firmware update process. | ||||
| CVE-2024-48769 | 1 Burg-wchter Kg | 1 Burg-wchter Kg Firmware | 2024-10-15 | 9.1 Critical |
| An issue in BURG-WCHTER KG de.burgwachter.keyapp.app 4.5.0 allows a remote attacker to obtain sensitve information via the firmware update process. | ||||
| CVE-2024-48259 | 1 Magicbug | 1 Cloudlog | 2024-10-15 | 7.3 High |
| Cloudlog 2.6.15 allows Oqrs.php request_form SQL injection via station_id or callsign. | ||||
| CVE-2024-9974 | 2 Oretnom23, Sourcecodester | 2 Online Eyewear Shop, Online Eyewear Shop | 2024-10-15 | 6.3 Medium |
| A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file classes/Master.php?f=add_to_card of the component POST Request Handler. The manipulation of the argument product_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-9973 | 2 Oretnom23, Sourcecodester | 2 Online Eyewear Shop, Online Eyewear Shop | 2024-10-15 | 6.3 Medium |
| A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/?page=reports of the component Report Viewing Page. The manipulation of the argument date leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-9813 | 1 Codezips | 1 Pharmacy Management System | 2024-10-15 | 7.3 High |
| A vulnerability, which was classified as critical, has been found in Codezips Pharmacy Management System 1.0. This issue affects some unknown processing of the file product/register.php. The manipulation of the argument category leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-9812 | 1 Code-projects | 1 Crud Operation System | 2024-10-15 | 7.3 High |
| A vulnerability classified as critical was found in code-projects Crud Operation System 1.0. This vulnerability affects unknown code of the file delete.php. The manipulation of the argument sid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||