8.8

CVSS3.1

CVE-2024-42744 -

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setModifyVpnUser. Authenticated Attackers can send malicious packet to execute arbitrary commands.

πŸ“… Published: Aug. 12, 2024, midnight πŸ”„ Last Modified: Aug. 15, 2024, 3:35 p.m.

8.8

CVSS3.1

CVE-2024-42543 -

TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the http_host parameter in the loginauth function.

πŸ“… Published: Aug. 12, 2024, midnight πŸ”„ Last Modified: Aug. 13, 2024, 7:35 p.m.

9.8

CVSS3.1

CVE-2024-41475 -

Gnuboard g6 6.0.7 is vulnerable to Session hijacking due to a CORS misconfiguration.

πŸ“… Published: Aug. 12, 2024, midnight πŸ”„ Last Modified: Sept. 18, 2024, 6:51 p.m.

5.4

CVSS3.1

CVE-2024-33533 -

An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0, issue 1 of 2. A reflected cross-site scripting (XSS) vulnerability has been identified in the Zimbra webmail admin interface. This vulnerability occurs due to inadequate input validation of the packages parameter, allowing an authe…

πŸ“… Published: Aug. 12, 2024, midnight πŸ”„ Last Modified: March 13, 2025, 9:15 p.m.

7.5

CVSS3.1

CVE-2024-33535 -

An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. The vulnerability involves unauthenticated local file inclusion (LFI) in a web application, specifically impacting the handling of the packages parameter. Attackers can exploit this flaw to include arbitrary local files without aut…

πŸ“… Published: Aug. 12, 2024, midnight πŸ”„ Last Modified: March 19, 2025, 4:15 p.m.

9.8

CVSS3.1

CVE-2024-41651 -

An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via the module upgrade functionality. NOTE: this is disputed by multiple parties, who report that exploitation requires that an attacker be able to hijack network requests made by an admin user (who, by des…

πŸ“… Published: Aug. 12, 2024, midnight πŸ”„ Last Modified: Oct. 9, 2024, 6:15 p.m.

7.3

CVSS3.1

CVE-2024-42747 -

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setWanIeCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.

πŸ“… Published: Aug. 12, 2024, midnight πŸ”„ Last Modified: Aug. 13, 2024, 5:35 p.m.

8.8

CVSS3.1

CVE-2024-42626 -

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/snippet/add.

πŸ“… Published: Aug. 12, 2024, midnight πŸ”„ Last Modified: Aug. 13, 2024, 3:35 p.m.

9.8

CVSS3.1

CVE-2024-42545 -

TOTOLINK A3700R v9.1.2u.5822_B20200513 has a buffer overflow vulnerability in the ssid parameter in setWizardCfg function.

πŸ“… Published: Aug. 12, 2024, midnight πŸ”„ Last Modified: Aug. 13, 2024, 3:35 p.m.

5.5

CVSS3.1

CVE-2024-42258 - mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines

In the Linux kernel, the following vulnerability has been resolved: mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines Yves-Alexis Perez reported commit 4ef9ad19e176 ("mm: huge_memory: don't force huge page alignment on 32 bit") didn't work for x86_32 [1]. It is b…

πŸ“… Published: Aug. 12, 2024, midnight πŸ”„ Last Modified: Nov. 3, 2025, 10:17 p.m.
Total resulsts: 347742
Page 8754 of 34,775
Β« previous page Β» next page
Filters