6.1

CVSS3.1

CVE-2024-34074 - Frappe vuilnerable to an open redirect on login page

Frappe is a full-stack web application framework. Prior to 15.26.0 and 14.74.0, the login page accepts redirect argument and it allowed redirect to untrusted external URls. This behaviour can be used by malicious actors for phishing. This vulnerability is fixed in 15.26.0 and 14.74.0.

πŸ“… Published: May 9, 2024, 2:25 p.m. πŸ”„ Last Modified: Aug. 4, 2025, 2:37 p.m.

7.3

CVSS3.1

CVE-2024-34210 -

TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the CloudACMunualUpdate function via the FileName parameter.

πŸ“… Published: May 9, 2024, 2:22 p.m. πŸ”„ Last Modified: April 9, 2025, 2:15 p.m.

8.8

CVSS3.1

CVE-2024-34211 -

TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.

πŸ“… Published: May 9, 2024, 2:20 p.m. πŸ”„ Last Modified: April 9, 2025, 2:15 p.m.

6.8

CVSS3.1

CVE-2024-32874 - In Frigate, Malicious Long Unicode filenames may cause a Multiple Application-level Denial of Servi…

Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. Below 0.13.2 Release, when uploading a file or retrieving the filename, a user may intentionally use a large Unicode filename which would lead to a application-level denial of service. This is due to no l…

πŸ“… Published: May 9, 2024, 2:20 p.m. πŸ”„ Last Modified: Nov. 21, 2024, 9:15 a.m.

7.3

CVSS3.1

CVE-2024-34212 -

TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a stack buffer overflow vulnerability in the CloudACMunualUpdate function.

πŸ“… Published: May 9, 2024, 2:17 p.m. πŸ”„ Last Modified: April 9, 2025, 2:15 p.m.

8.6

CVSS3.1

CVE-2024-34219 -

TOTOLINK CP450 V4.1.0cu.747_B20191224 was discovered to contain a vulnerability in the SetTelnetCfg function, which allows attackers to log in through telnet.

πŸ“… Published: May 9, 2024, 2:07 p.m. πŸ”„ Last Modified: April 4, 2025, 2:47 p.m.

6.2

CVSS3.1

CVE-2024-31803 -

Buffer Overflow vulnerability in emp-ot v.0.2.4 allows a remote attacker to execute arbitrary code via the FerretCOT<T>::read_pre_data128_from_file function.

πŸ“… Published: May 9, 2024, 1:56 p.m. πŸ”„ Last Modified: Feb. 13, 2025, 3:47 p.m.

3.8

CVSS3.1

CVE-2024-34218 -

TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter.

πŸ“… Published: May 9, 2024, 1:52 p.m. πŸ”„ Last Modified: April 4, 2025, 2:47 p.m.

5.3

CVSS4.0

CVE-2024-4677 - Campcodes Complete Web-Based School Management System my_student_exam_marks1.php cross site scripti…

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file /view/my_student_exam_marks1.php. The manipulation of the argument year leads to cross site scripting. It is possible to launch …

πŸ“… Published: May 9, 2024, 1:31 p.m. πŸ”„ Last Modified: Feb. 19, 2025, 6:06 p.m.

5.3

CVSS4.0

CVE-2024-4676 - Campcodes Complete Web-Based School Management System range_grade_text.php cross site scripting

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /view/range_grade_text.php. The manipulation of the argument count leads to cross site scripting. The attack may be initiated …

πŸ“… Published: May 9, 2024, 1 p.m. πŸ”„ Last Modified: Feb. 19, 2025, 6:06 p.m.
Total resulsts: 343982
Page 9409 of 34,399
Β« previous page Β» next page
Filters