8.1

CVSS3.1

CVE-2024-33402 -

A SQL injection vulnerability in /model/approve_petty_cash.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter.

๐Ÿ“… Published: May 28, 2024, 5:57 p.m. ๐Ÿ”„ Last Modified: March 25, 2025, 5:13 p.m.

9.9

CVSS3.1

CVE-2024-35344 -

Certain Anpviz products contain a hardcoded cryptographic key stored in the firmware of the device. This affects IPC-D250, IPC-D260, IPC-B850, IPC-D850, IPC-D350, IPC-D3150, IPC-D4250, IPC-D380, IPC-D880, IPC-D280, IPC-D3180, MC800N, YM500L, YM800N_N2, YMF50B, YM800SV2, YM500L8, and YM200E10 firmwaโ€ฆ

๐Ÿ“… Published: May 28, 2024, 5:01 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2024-35341 -

Certain Anpviz products allow unauthenticated users to download the running configuration of the device via a HTTP GET request to /ConfigFile.ini or /config.xml URIs. This configuration file contains usernames and encrypted passwords (encrypted with a hardcoded key common to all devices). This affeโ€ฆ

๐Ÿ“… Published: May 28, 2024, 4:57 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

4.6

CVSS3.1

CVE-2024-35342 -

Certain Anpviz products allow unauthenticated users to modify or disable camera related settings such as microphone volume, speaker volume, LED lighting, NTP, motion detection, etc. This affects IPC-D250, IPC-D260, IPC-B850, IPC-D850, IPC-D350, IPC-D3150, IPC-D4250, IPC-D380, IPC-D880, IPC-D280, IPโ€ฆ

๐Ÿ“… Published: May 28, 2024, 4:52 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.8

CVSS3.1

CVE-2024-35343 -

Certain Anpviz products allow unauthenticated users to download arbitrary files from the device's filesystem via a HTTP GET request to the /playback/ URI. This affects IPC-D250, IPC-D260, IPC-B850, IPC-D850, IPC-D350, IPC-D3150, IPC-D4250, IPC-D380, IPC-D880, IPC-D280, IPC-D3180, MC800N, YM500L, YMโ€ฆ

๐Ÿ“… Published: May 28, 2024, 4:46 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.1

CVSS3.1

CVE-2024-30165 -

Amazon AWS Client VPN before 3.9.1 on macOS has a buffer overflow that could potentially allow a local actor to execute arbitrary commands with elevated permissions, a different vulnerability than CVE-2024-30164.

๐Ÿ“… Published: May 28, 2024, 4:45 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.7

CVSS3.1

CVE-2024-30164 -

Amazon AWS Client VPN has a buffer overflow that could potentially allow a local actor to execute arbitrary commands with elevated permissions. This is resolved in 3.11.1 on Windows, 3.9.1 on macOS, and 3.12.1 on Linux. NOTE: although the macOS resolution is the same as for CVE-2024-30165, this vulโ€ฆ

๐Ÿ“… Published: May 28, 2024, 4:44 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.8

CVSS3.1

CVE-2024-35563 -

CDG-Server-V5.6.2.126.139 and earlier was discovered to contain a SQL injection vulnerability via the permissionId parameter in CDGTempPermissions.

๐Ÿ“… Published: May 28, 2024, 4:37 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.6

CVSS4.0

CVE-2024-26024 - SUBNET Substation Server Reliance on Insufficiently Trustworthy Component

SUBNET Solutions Inc. has identified vulnerabilities in third-party components used in Substation Server.

๐Ÿ“… Published: May 28, 2024, 4:34 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.8

CVSS3.1

CVE-2024-34854 -

F-logic DataCube3 v1.0 is vulnerable to File Upload via `/admin/transceiver_schedule.php.`

๐Ÿ“… Published: May 28, 2024, 4:30 p.m. ๐Ÿ”„ Last Modified: June 10, 2025, 5:19 p.m.
Total resulsts: 349182
Page 9651 of 34,919
ยซ previous page ยป next page
Filters