3.7
CVE-2024-10917 - Eclipse OpenJ9 might return an incorrect value in JNI function GetStringUTFLength
In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may return an incorrect value which has wrapped around. From 0.48 the value is correct but may be truncated to include a smaller number of characters.
6.4
CVE-2024-45088 - IBM Maximo Asset Management cross-site scripting
IBM Maximo Asset Management 7.6.1.3 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
5.4
CVE-2024-43439 - Moodle: reflected xss via h5p error message
A flaw was found in moodle. H5P error messages require additional sanitizing to prevent a reflected cross-site scripting (XSS) risk.
8.4
CVE-2024-39354 - Delta Electronics DIAScreen Stack-based Buffer Overflow
If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in CEtherIPTagItem can be exploited, allowing the attacker to remotely execute arbitrary code.
8.4
CVE-2024-39605 - Delta Electronics DIAScreen Stack-based Buffer Overflow
If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetParameter can be exploited, allowing the attacker to remotely execute arbitrary code.
8.4
CVE-2024-47131 - Delta Electronics DIAScreen Stack-based Buffer Overflow
If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetObjectInfo can be exploited, allowing the attacker to remotely execute arbitrary code.
5.3
CVE-2024-11070 - Sanluan PublicCMS Tag Type save cross site scripting
A vulnerability, which was classified as problematic, has been found in Sanluan PublicCMS 5.202406.d. This issue affects some unknown processing of the file /admin/cmsTagType/save of the component Tag Type Handler. The manipulation of the argument name leads to cross site scripting. The attack may โฆ
8.7
CVE-2024-10314 - Unauthenticated Denial of Service via Auto Generation Function
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the auto-generation function was identified. Reported by Karol Wiฤsek.
8.7
CVE-2024-10344 - Unauthenticated Denial of Service via Refuse Function
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the refuse function was identified. Reported by Karol Wiฤsek.
8.7
CVE-2024-10345 - Unauthenticated Denial of Service via Shutdown Function
In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Karol Wiฤsek.