8.8

CVSS3.1

CVE-2024-42557 -

A Cross-Site Request Forgery (CSRF) in the component admin_modify_room.php of Hotel Management System commit 91caab8 allows attackers to escalate privileges.

๐Ÿ“… Published: Aug. 20, 2024, midnight ๐Ÿ”„ Last Modified: June 5, 2025, 8:18 p.m.

5.5

CVSS3.1

CVE-2024-43867 - drm/nouveau: prime: fix refcount underflow

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix refcount underflow Calling nouveau_bo_ref() on a nouveau_bo without initializing it (and hence the backing ttm_bo) leads to a refcount underflow. Instead of calling nouveau_bo_ref() in the unwind path of โ€ฆ

๐Ÿ“… Published: Aug. 20, 2024, midnight ๐Ÿ”„ Last Modified: Nov. 3, 2025, 10:18 p.m.

9.6

CVSS3.1

CVE-2024-42581 -

A Cross-Site Request Forgery (CSRF) in the component delete_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.

๐Ÿ“… Published: Aug. 20, 2024, midnight ๐Ÿ”„ Last Modified: Aug. 21, 2024, 1:38 p.m.

9.8

CVSS3.1

CVE-2024-42569 -

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at paidclass.php.

๐Ÿ“… Published: Aug. 20, 2024, midnight ๐Ÿ”„ Last Modified: June 5, 2025, 8:17 p.m.

4.3

CVSS3.1

CVE-2024-38808 - CVE-2024-38808: Spring Expression DoS Vulnerability

In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial of service (DoS) condition. Specifically, an application is vulnerable when the following is truโ€ฆ

๐Ÿ“… Published: Aug. 20, 2024, midnight ๐Ÿ”„ Last Modified: June 18, 2025, 12:10 p.m.

9.8

CVSS3.1

CVE-2024-42572 -

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at unitmarks.php.

๐Ÿ“… Published: Aug. 20, 2024, midnight ๐Ÿ”„ Last Modified: Aug. 21, 2024, 4:35 p.m.

9.8

CVSS3.1

CVE-2024-42568 -

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the transport parameter at vehicle.php.

๐Ÿ“… Published: Aug. 20, 2024, midnight ๐Ÿ”„ Last Modified: Sept. 3, 2024, 6:35 p.m.

7.3

CVSS3.1

CVE-2024-43688 -

cron/entry.c in vixie cron before 9cc8ab1, as used in OpenBSD 7.4 and 7.5, allows a heap-based buffer underflow and memory corruption. NOTE: this issue was introduced during a May 2023 refactoring.

๐Ÿ“… Published: Aug. 20, 2024, midnight ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.3

CVSS4.0

CVE-2024-7936 - itsourcecode Project Expense Monitoring System transferred_report.php sql injection

A vulnerability classified as critical has been found in itsourcecode Project Expense Monitoring System 1.0. This affects an unknown part of the file transferred_report.php. The manipulation of the argument start/end/employee leads to sql injection. It is possible to initiate the attack remotely. Tโ€ฆ

๐Ÿ“… Published: Aug. 19, 2024, 11:31 p.m. ๐Ÿ”„ Last Modified: Sept. 3, 2024, 8:43 p.m.

7.8

CVSS3.1

CVE-2024-7305 - DWF Vulnerability in Autodesk Desktop Software

A maliciously crafted DWF file, when parsed in AdDwfPdk.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

๐Ÿ“… Published: Aug. 19, 2024, 11:28 p.m. ๐Ÿ”„ Last Modified: Aug. 26, 2025, 7:57 p.m.
Total resulsts: 349182
Page 8799 of 34,919
ยซ previous page ยป next page
Filters