Total
311615 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-5467 | 1 Zohocorp | 1 Manageengine Adaudit Plus | 2024-08-27 | N/A | 8.8 HIGH |
| Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in account lockout report. | |||||
| CVE-2024-41150 | 1 Zohocorp | 3 Manageengine Servicedesk Plus, Manageengine Servicedesk Plus Msp, Manageengine Supportcenter Plus | 2024-08-27 | N/A | 6.1 MEDIUM |
| An Stored Cross-site Scripting vulnerability in request module affects Zohocorp ManageEngine ServiceDesk Plus, ServiceDesk Plus MSP and SupportCenter Plus.This issue affects ServiceDesk Plus versions: through 14810; ServiceDesk Plus MSP: through 14800; SupportCenter Plus: through 14800. | |||||
| CVE-2024-42816 | 2024-08-27 | N/A | 6.1 MEDIUM | ||
| A cross-site scripting (XSS) vulnerability in the Create Product function of fastapi-admin pro v0.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter. | |||||
| CVE-2024-8174 | 1 Blood Bank System Project | 1 Blood Bank System | 2024-08-27 | 5.0 MEDIUM | 6.1 MEDIUM |
| A vulnerability has been found in code-projects Blood Bank System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login.php of the component Login Page. The manipulation of the argument user leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-44557 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-27 | N/A | 9.8 CRITICAL |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function setIptvInfo. | |||||
| CVE-2024-44555 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-27 | N/A | 9.8 CRITICAL |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function setIptvInfo. | |||||
| CVE-2024-44553 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-27 | N/A | 9.8 CRITICAL |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formGetIptv. | |||||
| CVE-2024-44550 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-27 | N/A | 9.8 CRITICAL |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formGetIptv. | |||||
| CVE-2024-44549 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-27 | N/A | 9.8 CRITICAL |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formGetIptv. | |||||
| CVE-2024-8162 | 1 Totolink | 2 T10, T10 Firmware | 2024-08-27 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability classified as critical has been found in TOTOLINK T10 AC1200 4.1.8cu.5207. Affected is an unknown function of the file /squashfs-root/web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to hard-coded credentials. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-44558 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-27 | N/A | 9.8 CRITICAL |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function setIptvInfo. | |||||
| CVE-2024-44556 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-27 | N/A | 9.8 CRITICAL |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function setIptvInfo. | |||||
| CVE-2024-44565 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-27 | N/A | 9.8 CRITICAL |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the serverName parameter in the function form_fast_setting_internet_set. | |||||
| CVE-2024-44563 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-27 | N/A | 9.8 CRITICAL |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function setIptvInfo. | |||||
| CVE-2024-43908 | 1 Linux | 1 Linux Kernel | 2024-08-27 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the null pointer dereference to ras_manager Check ras_manager before using it | |||||
| CVE-2024-43909 | 1 Linux | 1 Linux Kernel | 2024-08-27 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference for smu7 optimize the code to avoid pass a null pointer (hwmgr->backend) to function smu7_update_edc_leakage_table. | |||||
| CVE-2024-43907 | 1 Linux | 1 Linux Kernel | 2024-08-27 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules Check the pointer value to fix potential null pointer dereference | |||||
| CVE-2024-43906 | 1 Linux | 1 Linux Kernel | 2024-08-27 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: drm/admgpu: fix dereferencing null pointer context When user space sets an invalid ta type, the pointer context will be empty. So it need to check the pointer context before using it | |||||
| CVE-2024-7968 | 1 Google | 1 Chrome | 2024-08-27 | N/A | 8.8 HIGH |
| Use after free in Autofill in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-7967 | 1 Google | 1 Chrome | 2024-08-27 | N/A | 8.8 HIGH |
| Heap buffer overflow in Fonts in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||