8.8

CVSS3.1

CVE-2024-46624 -

An issue in InfoDom Performa 365 v4.0.1 allows authenticated attackers to elevate their privileges to Administrator via a crafted payload sent to /api/users.

📅 Published: Dec. 3, 2024, midnight 🔄 Last Modified: Dec. 4, 2024, 3:15 p.m.

8.8

CVSS3.1

CVE-2024-46625 -

An authenticated arbitrary file upload vulnerability in the /documentCache/upload endpoint of InfoDom Performa 365 v4.0.1 allows attackers to execute arbitrary code via uploading a crafted SVG file.

📅 Published: Dec. 3, 2024, midnight 🔄 Last Modified: Dec. 11, 2024, 3:15 p.m.

9.8

CVSS3.1

CVE-2024-51363 -

Insecure deserialization in Hodoku v2.3.0 to v2.3.2 allows attackers to execute arbitrary code.

📅 Published: Dec. 3, 2024, midnight 🔄 Last Modified: Dec. 11, 2024, 3:15 p.m.

2.8

CVSS3.1

CVE-2024-53921 -

An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installation process.

📅 Published: Dec. 3, 2024, midnight 🔄 Last Modified: June 3, 2025, 4:34 p.m.

7.5

CVSS3.1

CVE-2024-50948 -

mochiMQTT v2.6.3 is vulnerable to Denial of Service (DoS) due to improper resource management. An attacker can exhaust system memory and crash the broker by establishing and maintaining a large number of malicious, long-term publish/subscribe sessions.

📅 Published: Dec. 3, 2024, midnight 🔄 Last Modified: April 3, 2026, 4:16 p.m.

6.2

CVSS3.1

CVE-2018-9435 -

In gatt_process_error_rsp of gatt_cl.cc, there is a possible out of bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

📅 Published: Dec. 2, 2024, 10:12 p.m. 🔄 Last Modified: Dec. 18, 2024, 8 p.m.

7.8

CVSS3.1

CVE-2018-9431 -

In OSUInfo of OSUInfo.java, there is a possible escalation of privilege due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

📅 Published: Dec. 2, 2024, 9:39 p.m. 🔄 Last Modified: Dec. 18, 2024, 8:17 p.m.

9.8

CVSS3.1

CVE-2018-9430 -

In prop2cfg of btif_storage.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

📅 Published: Dec. 2, 2024, 9:36 p.m. 🔄 Last Modified: Dec. 18, 2024, 8:15 p.m.

6.5

CVSS3.1

CVE-2018-9429 -

In buildImageItemsIfPossible of ItemTable.cpp there is a possible out of bound read due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

📅 Published: Dec. 2, 2024, 9:33 p.m. 🔄 Last Modified: Dec. 18, 2024, 8:15 p.m.

6.5

CVSS3.1

CVE-2018-9426 -

In  RsaKeyPairGenerator::getNumberOfIterations of RSAKeyPairGenerator.java, an incorrect implementation could cause weak RSA key pairs being generated. This could lead to crypto vulnerability with no additional execution privileges needed. User interaction is not needed for exploitation. Bulletin F…

📅 Published: Dec. 2, 2024, 9:30 p.m. 🔄 Last Modified: Dec. 18, 2024, 8:21 p.m.
Total resulsts: 344126
Page 7138 of 34,413
« previous page » next page
Filters