Loftware Spectrum before 5.1 allows SSRF.

Renwoxing Enterprise Intelligent Management System before v3.0 was discovered to contain a SQL injection vulnerability via the parid parameter at /fx/baseinfo/SearchInfo.

Loftware Spectrum (testDeviceConnection) before 5.1 allows SSRF.

Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function.

Command Injection vulnerability in goform/SetIPTVCfg interface of Tenda AC15 V15.03.05.20 allows remote attackers to run arbitrary commands via crafted POST request.

DO NOT USE THIS CVE RECORD. Consult IDs: CVE-2024-45593. Reason: This record is a reservation duplicate of CVE-2024-45593. Notes: All CVE users should reference CVE-2024-45593 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.

phpok v3.0 was discovered to contain an arbitrary file read vulnerability via the component /autoload/file.php.

Loftware Spectrum through 4.6 has unprotected JMX Registry.

An issue was discovered in Samsung Mobile Processor Exynos 1480, Exynos 2400. The xclipse amdgpu driver has a reference count bug. This can lead to a use after free.

A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0. Affected by this vulnerability is an unknown functionality of the file ssms.php. The manipulation of the argument customer leads to sql injection. The attack can be launched remotely. The exploit has b…