Ugrás a tartalomra

Riasztások

2024. Szep. 23.

NA - CVE-2024-7735 - Improper Neutralization of Special Elements...

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Exnet Informatics Software Ferry Reservation System allows SQL Injection.This issue...
security-database.com
Tovább
2024. Szep. 23.

NA - CVE-2024-7835 - Improper Neutralization of Input During Web...

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Exnet Informatics Software Ferry Reservation System allows Reflected XSS.This...
security-database.com
Tovább
2024. Szep. 23.

NA - CVE-2024-46241 - PHPGurukul Dairy Farm Shop Management System...

PHPGurukul Dairy Farm Shop Management System v1.1 is vulnerable to Cross-Site Scripting (XSS) via the pname parameter in add_product.php and edit_product.php.
security-database.com
Tovább
2024. Szep. 23.

NA - CVE-2024-23922 - Sony XAV-AX5500 Insufficient Firmware Update...

Sony XAV-AX5500 Insufficient Firmware Update Validation Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected...
security-database.com
Tovább
2024. Szep. 23.

NA - CVE-2024-23933 - Sony XAV-AX5500 CarPlay TLV Stack-based Buffer...

Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected...
security-database.com
Tovább
2024. Szep. 23.

NA - CVE-2024-23934 - Sony XAV-AX5500 WMV/ASF Parsing Stack-based...

Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
security-database.com
Tovább
2024. Szep. 23.

NA - CVE-2024-23972 - Sony XAV-AX5500 USB Configuration Descriptor...

Sony XAV-AX5500 USB Configuration Descriptor Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected...
security-database.com
Tovább
2024. Szep. 23.

NA - CVE-2024-34331 - A lack of code signature verification in...

A lack of code signature verification in Parallels Desktop for Mac v19.3.0 and below allows attackers to escalate privileges via a crafted macOS installer, because Parallels Service is setuid root.
security-database.com
Tovább
2024. Szep. 23.

NA - CVE-2024-41228 - A symlink following vulnerability in the pouch...

A symlink following vulnerability in the pouch cp function of AliyunContainerService pouch v1.3.1 allows attackers to escalate privileges and write arbitrary files.
security-database.com
Tovább
2024. Szep. 23.

NA - CVE-2024-46985 - DataEase is an open source data visualization...

DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, there is an XML external entity injection vulnerability in the static resource upload interface of DataEase. An...
security-database.com
Tovább
Nyelv