8.7
CVE-2024-9909 - D-Link DIR-619L B1 formSetMuti buffer overflow
A vulnerability has been found in D-Link DIR-619L B1 2.06 and classified as critical. Affected by this vulnerability is the function formSetMuti of the file /goform/formSetMuti. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The exploit has b…
7.1
CVE-2024-6959 - Denial of Service (DOS) in multipart boundary while uploading file in parisneo/lollms-webui
A vulnerability in parisneo/lollms-webui version 9.8 allows for a Denial of Service (DOS) attack when uploading an audio file. If an attacker appends a large number of characters to the end of a multipart boundary, the system will continuously process each character, rendering lollms-webui inaccess…
5.1
CVE-2024-9908 - D-Link DIR-619L B1 formSetMACFilter buffer overflow
A vulnerability, which was classified as critical, was found in D-Link DIR-619L B1 2.06. Affected is the function formSetMACFilter of the file /goform/formSetMACFilter. The manipulation of the argument curTime leads to buffer overflow. The exploit has been disclosed to the public and may be used.
6.3
CVE-2024-9907 - QileCMS Verification Code Forget.php sendEmail password recovery
A vulnerability classified as problematic was found in QileCMS up to 1.1.3. This vulnerability affects the function sendEmail of the file /qilecms/user/controller/Forget.php of the component Verification Code Handler. The manipulation leads to weak password recovery. The attack can be initiated rem…
5.3
CVE-2024-9906 - SourceCodester Online Eyewear Shop cross site scripting
A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear Shop 1.0. Affected is an unknown function of the file /admin/?page=inventory/view_inventory&id=2. The manipulation of the argument Code leads to cross site scripting. It is possible to launch the attack…
5.3
CVE-2024-9905 - SourceCodester Online Eyewear Shop sql injection
A vulnerability, which was classified as critical, has been found in SourceCodester Online Eyewear Shop 1.0. This issue affects some unknown processing of the file /admin/?page=inventory/view_inventory&id=2. The manipulation of the argument id leads to sql injection. The attack may be initiated rem…
5.1
CVE-2024-9904 - 07FLYCMS/07FLY-CMS/07FlyCRM pictureUpload unrestricted upload
A vulnerability classified as critical was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.0. This vulnerability affects the function pictureUpload of the file /admin/File/pictureUpload. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. Th…
5.1
CVE-2024-9903 - 07FLYCMS/07FLY-CMS/07FlyCRM fileUpload unrestricted upload
A vulnerability classified as critical has been found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.2.0. This affects the function fileUpload of the file /admin/File/fileUpload. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exp…
5.3
CVE-2024-9894 - code-projects Blood Bank System reset.php sql injection
A vulnerability, which was classified as critical, was found in code-projects Blood Bank System 1.0. Affected is an unknown function of the file reset.php. The manipulation of the argument useremail leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed…
5.3
CVE-2024-9979 - Pyo3: risk of use-after-free in `borrowed` reads from python weak references
A flaw was found in PyO3. This vulnerability causes a use-after-free issue, potentially leading to memory corruption or crashes via unsound borrowing from weak Python references.