5.3
CVE-2024-11051 - AMTT Hotel Broadband Operation System online_status.php sql injection
A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204. It has been classified as critical. Affected is an unknown function of the file /manager/frontdesk/online_status.php. The manipulation of the argument AccountID leads to sql injection. It is possible to launch th…
5.3
CVE-2024-11050 - AMTT Hotel Broadband Operation System language.php cross site scripting
A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204 and classified as problematic. This issue affects some unknown processing of the file /language.php. The manipulation of the argument LangID/LangName/LangEName leads to cross site scripting. The attack may be init…
6.3
CVE-2024-11049 - ZKTeco ZKBio Time Image File photo direct request
A vulnerability classified as problematic has been found in ZKTeco ZKBio Time 9.0.1. Affected is an unknown function of the file /auth_files/photo/ of the component Image File Handler. The manipulation leads to direct request. It is possible to launch the attack remotely. The complexity of an attac…
8.7
CVE-2024-11048 - D-Link DI-8003 dbsrv.asp dbsrv_asp stack-based overflow
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been rated as critical. Affected by this issue is the function dbsrv_asp of the file /dbsrv.asp. The manipulation of the argument str leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclo…
8.7
CVE-2024-11047 - D-Link DI-8003 upgrade_filter.asp upgrade_filter_asp stack-based overflow
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been declared as critical. Affected by this vulnerability is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipulation of the argument path leads to stack-based buffer overflow. The attack can be launched remotel…
5.3
CVE-2024-11046 - D-Link DI-8003 upgrade_filter.asp upgrade_filter_asp os command injection
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been classified as critical. Affected is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipulation of the argument path leads to os command injection. It is possible to launch the attack remotely. The exploit has…
8.4
CVE-2024-46954 - ghostscript: Directory Traversal in Ghostscript via Overlong UTF-8 Encoding
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal.
8.4
CVE-2024-46952 - ghostscript: Buffer Overflow in Ghostscript PDF XRef Stream Handling
An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values).
0.0
CVE-2023-40457 -
The BGP daemon in Extreme Networks ExtremeXOS (aka EXOS) 30.7.1.1 allows an attacker (who is not on a directly connected network) to cause a denial of service (BGP session reset) because of BGP attribute error mishandling (for attribute 21 and 25). NOTE: the vendor disputes this because it is "eval…
3.5
CVE-2020-10368 -
Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not present, allow memory read access via a "Spectra" attack.