Total
29 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-39243 | 1 Skycaiji | 1 Skycaiji | 2024-08-02 | 9.8 Critical |
An issue discovered in skycaiji 2.8 allows attackers to run arbitrary code via a crafted POST request to /index.php?s=/admin/develop/editor_save. | ||||
CVE-2024-31809 | | | 2024-08-02 | 8.8 High |
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the FileName parameter in the setUpgradeFW function. | ||||
CVE-2024-31812 | | | 2024-08-02 | 6.5 Medium |
In TOTOLINK EX200 V4.0.3c.7646_B20201211, an attacker can obtain sensitive information without authorization through the function getWiFiExtenderConfig. | ||||
CVE-2024-24257 | | | 2024-08-01 | 7.5 High |
An issue in skteco.com Central Control Attendance Machine web management platform v.3.0 allows an attacker to obtain sensitive information via a crafted script to the csl/user component. | ||||
CVE-2024-23268 | 1 Apple | 1 Macos | 2024-08-01 | 7.8 High |
An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges. | ||||
CVE-2024-23274 | 1 Apple | 1 Macos | 2024-08-01 | 8.4 High |
An injection issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. An app may be able to elevate privileges. | ||||
CVE-2024-21503 | 2 Python Software Foundation, Redhat | 2 Black, Ansible Automation Platform | 2024-08-01 | 5.3 Medium |
Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service. Exploiting this vulnerability is possible when running Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings. | ||||
CVE-2024-0044 | | | 2024-08-01 | 7.8 High |
In createSessionInternal of PackageInstallerService.java, there is a possible run-as any app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
CVE-2023-6920 | | | 2023-12-18 | 0.0 Low |
This flaw was found to be a duplicate of CVE-2023-6927. Please see https://access.redhat.com/security/cve/CVE-2023-6927 for information about affected products and security errata. |