4.3
CVE-2024-4172 - idcCMS cross-site request forgery
A vulnerability classified as problematic was found in idcCMS 1.35. Affected by this vulnerability is an unknown functionality of the file /admin/admin_cl.php?mudi=revPwd. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to thβ¦
8.8
CVE-2024-4171 - Tenda W30E WizardHandle fromWizardHandle stack-based overflow
A vulnerability classified as critical has been found in Tenda W30E 1.0/1.0.1.25. Affected is the function fromWizardHandle of the file /goform/WizardHandle. The manipulation of the argument PPW leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has beenβ¦
7.3
CVE-2024-4024 - Authentication Bypass by Assumed-Immutable Data in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.8 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1. Under certain conditions, an attacker with their Bitbucket account credentials may be able to take oβ¦
4.3
CVE-2024-4006 - Incorrect Authorization in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1 where personal access scopes were not honored by GraphQL subscriptions
8.8
CVE-2024-4170 - Tenda 4G300 sub_429A30 stack-based overflow
A vulnerability was found in Tenda 4G300 1.01.42. It has been rated as critical. This issue affects the function sub_429A30. The manipulation of the argument list1 leads to stack-based buffer overflow. The attack may be initiated remotely. The identifier VDB-261989 was assigned to this vulnerabilitβ¦
8.8
CVE-2024-4169 - Tenda 4G300 sub_4279CC stack-based overflow
A vulnerability was found in Tenda 4G300 1.01.42. It has been declared as critical. This vulnerability affects the function sub_42775C/sub_4279CC. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The identifier of this vulnerability iβ¦
5.9
CVE-2024-25026 - IBM WebSphere Application Server denial of service
IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 are vulnerable to a denial of service, caused by sending a specially crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.β¦
8.8
CVE-2024-4168 - Tenda 4G300 sub_4260F0 stack-based overflow
A vulnerability was found in Tenda 4G300 1.01.42. It has been classified as critical. This affects the function sub_4260F0. The manipulation of the argument upfilen leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The associated identifier of this vulnerability β¦
8.8
CVE-2024-4167 - Tenda 4G300 sub_422AA4 stack-based overflow
A vulnerability was found in Tenda 4G300 1.01.42 and classified as critical. Affected by this issue is the function sub_422AA4. The manipulation of the argument year/month/day/hour/minute/second leads to stack-based buffer overflow. The attack may be launched remotely. VDB-261986 is the identifier β¦
5.4
CVE-2024-4175 - Improper Input Validation vulnerability in Hyperion Web Server
Unicode transformation vulnerability in Hyperion affecting version 2.0.15. This vulnerability could allow an attacker to send a malicious payload with Unicode characters that will be replaced by ASCII characters.