9.8

CVSS3.1

CVE-2024-45414 -

The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in webPrivateDecrypt function. This function is responsible for decrypting RSA encrypted ciphertext, the encrypted data is supplied base64 encoded. The decoded ciphertext is stored on the stack without checking…

πŸ“… Published: Sept. 16, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2023-45854 -

A Business Logic vulnerability in Shopkit 1.0 allows an attacker to add products with negative quantities to the shopping cart via the qtd parameter in the add-to-cart function.

πŸ“… Published: Sept. 16, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.1

CVSS3.1

CVE-2024-46958 -

In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files (between the server and client) may become world writable or world readable. This is fixed in 3.13.4.

πŸ“… Published: Sept. 16, 2024, midnight πŸ”„ Last Modified: March 13, 2025, 6:15 p.m.

5.9

CVSS3.1

CVE-2024-42796 -

An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_genre in Kashipara Music Management System v1.0. This vulnerability allows an unauthenticated attacker to delete the valid music genre entries.

πŸ“… Published: Sept. 16, 2024, midnight πŸ”„ Last Modified: April 28, 2025, 2:56 p.m.

8.1

CVSS3.1

CVE-2024-45416 -

The HTTPD binary in multiple ZTE routers has a local file inclusion vulnerability in session_init function. The session -LUA- files are stored in the directory /var/lua_session, the function iterates on all files in this directory and executes them using the function dofile without any validation i…

πŸ“… Published: Sept. 16, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.8

CVSS3.1

CVE-2024-45415 -

The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in check_data_integrity function. This function is responsible for validating the checksum of data in post request. The checksum is sent encrypted in the request, the function decrypts it and stores the checksu…

πŸ“… Published: Sept. 16, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2024-46424 -

TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the UploadCustomModule function, which allows attackers to cause a Denial of Service (DoS) via the File parameter.

πŸ“… Published: Sept. 16, 2024, midnight πŸ”„ Last Modified: Sept. 17, 2024, 2:35 p.m.

9.8

CVSS3.1

CVE-2024-46419 -

TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWizardCfg function via the ssid5g parameter.

πŸ“… Published: Sept. 16, 2024, midnight πŸ”„ Last Modified: Sept. 17, 2024, 2:35 p.m.

9.8

CVSS3.1

CVE-2024-46451 -

TOTOLINK AC1200 T8 v4.1.5cu.861_B20230220 has a buffer overflow vulnerability in the setWiFiAclRules function via the desc parameter.

πŸ“… Published: Sept. 16, 2024, midnight πŸ”„ Last Modified: Sept. 17, 2024, 2:35 p.m.

7.3

CVSS3.1

CVE-2024-44623 -

An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code via the child_process.js function.

πŸ“… Published: Sept. 16, 2024, midnight πŸ”„ Last Modified: Sept. 25, 2024, 2:53 p.m.
Total resulsts: 349182
Page 8560 of 34,919
Β« previous page Β» next page
Filters