7.1
CVE-2024-35428 -
ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via BaseMediaFile. An authenticated user can delete local files from the server which can lead to DoS.
3.5
CVE-2024-36118 - Unauthorized viewing of workspace test cases in MeterSphere
MeterSphere is a test management and interface testing tool. In affected versions users without workspace permissions can view functional test cases of other workspaces beyond their authority. This issue has been addressed in version 2.10.15-lts. Users of MeterSphere are advised to upgrade. There aโฆ
0.0
CVE-2024-36998 -
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
0.0
CVE-2024-36988 -
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
0.0
CVE-2024-5538 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
0.0
CVE-2024-5537 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
6.5
CVE-2024-35429 -
ZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via eventRecord.
9.8
CVE-2024-35349 -
A vulnerability has been discovered in Diรฑo Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /admin/category/view_category.php. Manipulating the argument id can result in SQL injection.
9.8
CVE-2024-35350 -
A vulnerability has been discovered in Diรฑo Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /admin/?page=borrow/view_borrow. Manipulating the argument id can result in SQL injection.
5.4
CVE-2024-35351 -
A vulnerability has been discovered in Diรฑo Physics School Assistant version 2.3. This vulnerability impacts unidentified code within the file /classes/SystemSettings.php?f=update_settings. Manipulating the parameter name results in cross-site scripting.