CVE-2024-4588 DedeCMS mytag_add.php cross-site request forgery
A vulnerability was found in DedeCMS 5.7. It has been classified as problematic. Affected is an unknown function of the file /src/dede/mytag_add.php. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and....
4.3CVSS
5AI Score
0.0004EPSS
CVE-2024-4587 DedeCMS tpl.php cross-site request forgery
A vulnerability was found in DedeCMS 5.7 and classified as problematic. This issue affects some unknown processing of the file /src/dede/tpl.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be...
4.3CVSS
4.9AI Score
0.0004EPSS
CVE-2024-4586 DedeCMS shops_delivery.php cross-site request forgery
A vulnerability has been found in DedeCMS 5.7 and classified as problematic. This vulnerability affects unknown code of the file /src/dede/shops_delivery.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public...
4.3CVSS
5AI Score
0.0004EPSS
A vulnerability, which was classified as problematic, was found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/member_type.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and....
4.3CVSS
6.5AI Score
0.0004EPSS
A vulnerability, which was classified as problematic, was found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/member_type.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and....
4.3CVSS
4.8AI Score
0.0004EPSS
CVE-2024-4585 DedeCMS member_type.php cross-site request forgery
A vulnerability, which was classified as problematic, was found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/member_type.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and....
4.3CVSS
4.9AI Score
0.0004EPSS
CVE-2024-4585 DedeCMS member_type.php cross-site request forgery
A vulnerability, which was classified as problematic, was found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/member_type.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and....
4.3CVSS
6.6AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through use after...
6.5CVSS
7.5AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through use after...
6.5CVSS
6.8AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer...
6.5CVSS
6.9AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through integer...
3.3CVSS
6.7AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through integer...
3.3CVSS
3.9AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer...
6.5CVSS
7.6AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after...
6.5CVSS
7.5AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after...
6.5CVSS
6.8AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free or cause DOS through NULL pointer...
5.2CVSS
7.6AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through NULL pointer...
3.3CVSS
6.6AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through NULL pointer...
3.3CVSS
3.9AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free or cause DOS through NULL pointer...
5.2CVSS
5.8AI Score
0.0004EPSS
CVE-2024-3759 Hmdfs has a use after free vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through use after...
6.5CVSS
7AI Score
0.0004EPSS
CVE-2024-3759 Hmdfs has a use after free vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through use after...
6.5CVSS
7.5AI Score
0.0004EPSS
CVE-2024-3758 Hmdfs has a heap buffer overflow vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer...
6.5CVSS
7.2AI Score
0.0004EPSS
CVE-2024-3757 Arkcompiler runtime has an integer overflow vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through integer...
3.3CVSS
6.8AI Score
0.0004EPSS
CVE-2024-3757 Arkcompiler runtime has an integer overflow vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through integer...
3.3CVSS
4.3AI Score
0.0004EPSS
CVE-2024-31078 Bluetooth Service has a use after free vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through NULL pointer...
3.3CVSS
4.3AI Score
0.0004EPSS
CVE-2024-31078 Bluetooth Service has a use after free vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through NULL pointer...
3.3CVSS
6.7AI Score
0.0004EPSS
CVE-2024-23808 Arkcompiler ets frontend has an out-of-bounds read vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free or cause DOS through NULL pointer...
5.2CVSS
6.2AI Score
0.0004EPSS
CVE-2024-27217 MSDP has a use after free vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after...
6.5CVSS
7AI Score
0.0004EPSS
CmsEasy v7.7.7.9 was discovered to contain a local file inclusion vulnerability via the file_get_contents function in the fckedit_action method of /admin/template_admin.php. This vulnerability allows attackers to read arbitrary...
7AI Score
0.0004EPSS
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1490-1)
The remote host is missing an update for...
7.8CVSS
7.1AI Score
EPSS
8CVSS
7.3AI Score
0.0005EPSS
CmsEasy v7.7.7.9 was discovered to contain a local file inclusion vulnerability via the file_get_contents function in the fckedit_action method of /admin/template_admin.php. This vulnerability allows attackers to read arbitrary...
7.1AI Score
0.0004EPSS
Releases Ubuntu 20.04 LTS Ubuntu 18.04 ESM Packages linux - Linux kernel linux-aws - Linux kernel for Amazon Web Services (AWS) systems linux-aws-5.4 - Linux kernel for Amazon Web Services (AWS) systems linux-azure - Linux kernel for Microsoft Azure Cloud systems linux-azure-5.4 - Linux kernel...
7.8CVSS
6.8AI Score
0.0004EPSS
Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6765-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6765-1 advisory. In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed...
7.8CVSS
7.5AI Score
EPSS
7.8CVSS
5.9AI Score
0.0004EPSS
3.7CVSS
4.4AI Score
0.001EPSS
3.7CVSS
4.4AI Score
0.001EPSS
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1466-1)
The remote host is missing an update for...
7.8CVSS
7.1AI Score
EPSS
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1480-1)
The remote host is missing an update for...
7.8CVSS
7.1AI Score
EPSS
AChecker 1.5 allows remote attackers to read the contents of arbitrary files via the download.php path parameter by using Unauthenticated Path Traversal. This occurs through readfile in PHP. NOTE: This vulnerability only affects products that are no longer supported by the...
6.9AI Score
0.0004EPSS
[SECURITY] [DSA 5681-1] linux security update
Debian Security Advisory DSA-5681-1 https://www.debian.org/security/ Salvatore Bonaccorso May 06, 2024 https://www.debian.org/security/faq Package : linux CVE ID : CVE-2023-6270 CVE-2023-7042...
8CVSS
7.3AI Score
0.0005EPSS
[SECURITY] [DSA 5680-1] linux security update
Debian Security Advisory DSA-5680-1 https://www.debian.org/security/ Salvatore Bonaccorso May 06, 2024 https://www.debian.org/security/faq Package : linux CVE ID : CVE-2024-26605 CVE-2024-26817...
7.8CVSS
7AI Score
0.0004EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.1AI Score
0.0004EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.4AI Score
0.0004EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.4AI Score
0.0004EPSS
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
7.1AI Score
0.0004EPSS
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /Admin/user-record.php. The manipulation of the argument txtfullname leads to cross site scripting. The attack can...
2.4CVSS
3.4AI Score
0.0004EPSS
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /Admin/user-record.php. The manipulation of the argument txtfullname leads to cross site scripting. The attack can...
2.4CVSS
6.2AI Score
0.0004EPSS
CVE-2024-4528 SourceCodester Prison Management System user-record.php cross site scripting
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /Admin/user-record.php. The manipulation of the argument txtfullname leads to cross site scripting. The attack can...
2.4CVSS
3.9AI Score
0.0004EPSS
Debian dsa-5680 : affs-modules-6.1.0-21-4kc-malta-di - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5680 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix deadlock when enabling ASPM A last minute revert in 6.7-final introduced a...
7.8CVSS
6.5AI Score
0.0004EPSS