5.3
CVE-2024-12000 - code-projects Blood Bank System Setting updatesettings.php cross site scripting
A vulnerability was found in code-projects Blood Bank System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /controllers/updatesettings.php of the component Setting Handler. The manipulation of the argument firstname leads to cross site scripting. The …
5.3
CVE-2024-11998 - code-projects Farmacia visualizer-forneccedor.chp sql injection
A vulnerability was found in code-projects Farmacia 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /visualizer-forneccedor.chp. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclose…
5.3
CVE-2024-11997 - code-projects Farmacia vendas.php cross site scripting
A vulnerability was found in code-projects Farmacia 1.0. It has been classified as problematic. This affects an unknown part of the file /vendas.php. The manipulation of the argument notaFiscal leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been discl…
5.3
CVE-2024-11996 - code-projects Farmacia editar-fornecedor.php cross site scripting
A vulnerability was found in code-projects Farmacia 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /editar-fornecedor.php. The manipulation of the argument cidade leads to cross site scripting. The attack may be launched remotely. The exploit has…
6.1
CVE-2024-11252 - Social Sharing Plugin – Sassy Social Share <= 3.3.69 - Reflected Cross-Site Scripting via heateor_m…
The Social Sharing Plugin – Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the heateor_mastodon_share parameter in all versions up to, and including, 3.3.69 due to insufficient input sanitization and output escaping. This makes it possible for unauthenti…
8.1
CVE-2024-43703 - GPU DDK - Duplicate calls to RGXCreateFreeList on the same reservation leads to GPU UAF
Software installed and run as a non-privileged user may conduct improper GPU system calls to achieve unauthorised reads and writes of physical memory from the GPU HW.
8.1
CVE-2024-43702 - GPU DDK - MLIST/PM render state buffers writable allowing arbitrary writes to kernel memory pages
Software installed and run as a non-privileged user may conduct improper GPU system calls to allow unprivileged access to arbitrary physical memory page.
5.3
CVE-2024-11995 - code-projects Farmacia pagamento.php cross site scripting
A vulnerability has been found in code-projects Farmacia 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /pagamento.php. The manipulation of the argument total leads to cross site scripting. The attack can be launched remotely. The exploit h…
6.9
CVE-2024-53980 - Spoofed length byte traps CC2538 in endless loop
RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things (IoT) devices and other embedded devices. A malicious actor can send an IEEE 802.15.4 packet with a spoofed length byte and optionally a spoofed FCS, which eventually results in an endless…
5.4
CVE-2024-53983 - Server-side request forgery in Backstage Scaffolder plugin
The Backstage Scaffolder plugin houses types and utilities for building scaffolder-related modules. A vulnerability is identified in Backstage Scaffolder template functionality where Server-Side Template Injection (SSTI) can be exploited to perform Git config injection. The vulnerability allows an …