For providers | HunCERT group

27 Nov 2024

Riasztás

NA - CVE-2024-53635 - A Reflected Cross Site Scripting (XSS)...

A Reflected Cross Site Scripting (XSS) vulnerability was found in /covid-tms/patient-search-report.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to...

security-database.com

27 Nov 2024

Riasztás

NA - CVE-2024-11862 - Non constant time cryptographic operation in...

Non constant time cryptographic operation in Devolutions.XTS.NET 2024.11.19 and earlier allows an attacker to render half of the encryption key obsolete via a timing attacks

security-database.com

27 Nov 2024

Riasztás

NA - CVE-2024-46054 - OpenVidReview 1.0 is vulnerable to Incorrect...

OpenVidReview 1.0 is vulnerable to Incorrect Access Control. The /upload route is accessible without authentication, allowing any user to upload files.

security-database.com

27 Nov 2024

Riasztás

NA - CVE-2024-46055 - OpenVidReview 1.0 is vulnerable to Cross Site...

OpenVidReview 1.0 is vulnerable to Cross Site Scripting (XSS) in review names.

security-database.com

27 Nov 2024

Riasztás

NA - CVE-2024-52951 - Stored Cross-Site Scripting in the Access...

Stored Cross-Site Scripting in the Access Request History in Omada Identity before version 15 update 1 allows an authenticated attacker to execute arbitrary code in the browser of a victim via a...

security-database.com

27 Nov 2024

Riasztás

NA - CVE-2024-53920 - In elisp-mode.el in GNU Emacs through 30.0.92,...

In elisp-mode.el in GNU Emacs through 30.0.92, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp source code can trigger unsafe Lisp macro...

security-database.com

27 Nov 2024

Riasztás

NA - CVE-2024-11860 - A vulnerability classified as critical has been...

A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. This affects an unknown part of the file /rental/ajax.php?action=delete_tenant of...

security-database.com

27 Nov 2024

Riasztás

NA - CVE-2024-21703 - This Medium severity Security Misconfiguration...

This Medium severity Security Misconfiguration vulnerability was introduced in version 8.8.1 of Confluence Data Center and Server for Windows installations. This Security Misconfiguration...

security-database.com

27 Nov 2024

Riasztás

NA - CVE-2024-31976 - EnGenius EWS356-FIR 1.1.30 and earlier devices...

EnGenius EWS356-FIR 1.1.30 and earlier devices allow a remote attacker to execute arbitrary OS commands via the Controller connectivity parameter.

security-database.com

27 Nov 2024

Riasztás

NA - CVE-2024-37816 - Quectel EC25-EUX EC25EUXGAR08A05M1G was...

Quectel EC25-EUX EC25EUXGAR08A05M1G was discovered to contain a stack overflow.

security-database.com

Phone:	+36 1 279 6222 9am to 4pm
E-mail:	@email
Address:	H-1111 Budapest, Kende u. 13-17.