5.5

CVSS3.1

CVE-2024-46869 - Bluetooth: btintel_pcie: Allocate memory for driver private data

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel_pcie: Allocate memory for driver private data Fix driver not allocating memory for struct btintel_data which is used to store internal data.

πŸ“… Published: Sept. 30, 2024, midnight πŸ”„ Last Modified: May 4, 2025, 9:36 a.m.

6.5

CVSS3.1

CVE-2024-45993 - giflib: heap buffer overflow via gif2rgb

Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2rgb.

πŸ“… Published: Sept. 30, 2024, midnight πŸ”„ Last Modified: July 10, 2025, 3:41 p.m.

9.8

CVSS3.1

CVE-2024-46293 -

Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Incorrect Access Control. There is a lack of authorization checks for admin operations. Specifically, an attacker can perform admin-level actions without possessing a valid session token. The application does not verify whether the…

πŸ“… Published: Sept. 30, 2024, midnight πŸ”„ Last Modified: April 28, 2025, 6:07 p.m.

8.4

CVSS3.1

CVE-2024-28813 -

An issue was discovered in Infinera hiT 7300 5.60.50. Undocumented privileged functions in the @CT management application allow an attacker to activate remote SSH access to the appliance via an unexpected network interface.

πŸ“… Published: Sept. 30, 2024, midnight πŸ”„ Last Modified: May 30, 2025, 2:49 p.m.

7.6

CVSS3.1

CVE-2024-46510 -

ESAFENET CDG v5 was discovered to contain a SQL injection vulnerability via the id parameter in the NavigationAjax interface

πŸ“… Published: Sept. 30, 2024, midnight πŸ”„ Last Modified: May 27, 2025, 7:08 p.m.

7.6

CVSS3.1

CVE-2024-46549 -

An issue in the TP-Link MQTT Broker and API gateway of TP-Link Kasa KP125M v1.0.3 allows attackers to establish connections by impersonating devices owned by other users.

πŸ“… Published: Sept. 30, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

0.0

CVE-2024-46503 -

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

πŸ“… Published: Sept. 30, 2024, midnight πŸ”„ Last Modified: Oct. 10, 2024, 2:15 p.m.

8.8

CVSS3.1

CVE-2024-46280 -

PIX-LINK LV-WR22 RE3002-P1-01_V117.0 is vulnerable to Improper Access Control. The TELNET service is enabled with weak credentials for a root-level account, without the possibility of changing them.

πŸ“… Published: Sept. 30, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.9

CVSS3.1

CVE-2024-8447 - Narayana: deadlock via multiple join requests sent to lra coordinator

A security issue was discovered in the LRA Coordinator component of Narayana. When Cancel is called in LRA, an execution time of approximately 2 seconds occurs. If Join is called with the same LRA ID within that timeframe, the application may crash or hang indefinitely, leading to a denial of servi…

πŸ“… Published: Sept. 30, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.3

CVSS4.0

CVE-2024-9328 - SourceCodester Advocate Office Management System edit_client.php sql injection

A vulnerability was found in SourceCodester Advocate Office Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /control/edit_client.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The ex…

πŸ“… Published: Sept. 29, 2024, 10:31 p.m. πŸ”„ Last Modified: Oct. 1, 2024, 11:34 a.m.
Total resulsts: 349182
Page 8440 of 34,919
Β« previous page Β» next page
Filters