8.4
CVE-2024-47966 - Use of Uninitialized Variable vulnerability in Delta Electronics CNCSoft-G2
Delta Electronics CNCSoft-G2 lacks proper initialization of memory prior to accessing it. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process.
8.4
CVE-2024-47965 - Out-of-bounds Read vulnerability in Delta Electronics CNCSoft-G2
Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process.
8.4
CVE-2024-47964 - Heap-based Buffer Overflow vulnerability in Delta Electronics CNCSoft-G2
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process.
8.4
CVE-2024-47963 - Out-of-bounds Write vulnerability in Delta Electronics CNCSoft-G2
Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process.
8.4
CVE-2024-47962 - Stack-based Buffer Overflow vulnerability in Delta Electronics CNCSoft-G2
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can manipulate an insider to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current proβ¦
5.3
CVE-2024-9803 - code-projects Blood Bank Management System blooddetails.php cross site scripting
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as problematic. This affects an unknown part of the file blooddetails.php. The manipulation of the argument Availibility leads to cross site scripting. It is possible to initiate the attack remotely.β¦
5.3
CVE-2024-9799 - SourceCodester Profile Registration without Reload Refresh add.php cross site scripting
A vulnerability has been found in SourceCodester Profile Registration without Reload Refresh 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file add.php. The manipulation of the argument email_address/address/company_name/job_title/jobDescriptioβ¦
6.9
CVE-2024-9797 - code-projects Blood Bank System register.php sql injection
A vulnerability, which was classified as critical, was found in code-projects Blood Bank System 1.0. Affected is an unknown function of the file register.php. The manipulation of the argument user leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed tβ¦
5.3
CVE-2024-9794 - Codezips Online Shopping Portal update-image1.php unrestricted upload
A vulnerability, which was classified as critical, has been found in Codezips Online Shopping Portal 1.0. This issue affects some unknown processing of the file /update-image1.php. The manipulation of the argument productimage1 leads to unrestricted upload. The attack may be initiated remotely. Theβ¦
9.2
CVE-2023-25581 - Deserialization of untrusted data in InternalAttributeHandler in pac4j
pac4j is a security framework for Java. `pac4j-core` prior to version 4.0.0 is affected by a Java deserialization vulnerability. The vulnerability affects systems that store externally controlled values in attributes of the `UserProfile` class from pac4j-core. It can be exploited by providing an atβ¦