MD-404AA, MD-808AA Security Vulnerabilities
CVE-2024-4590 DedeCMS sys_info.php cross-site request forgery
A vulnerability was found in DedeCMS 5.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /src/dede/sys_info.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the...
4.3CVSS
6.6AI Score
0.0004EPSS
CVE-2024-4590 DedeCMS sys_info.php cross-site request forgery
A vulnerability was found in DedeCMS 5.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /src/dede/sys_info.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the...
4.3CVSS
4.9AI Score
0.0004EPSS
A vulnerability was found in DedeCMS 5.7. It has been classified as problematic. Affected is an unknown function of the file /src/dede/mytag_add.php. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and....
4.3CVSS
6.6AI Score
0.0004EPSS
A vulnerability was found in DedeCMS 5.7. It has been classified as problematic. Affected is an unknown function of the file /src/dede/mytag_add.php. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and....
4.3CVSS
4.9AI Score
0.0004EPSS
A vulnerability was found in DedeCMS 5.7 and classified as problematic. This issue affects some unknown processing of the file /src/dede/tpl.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be...
4.3CVSS
4.9AI Score
0.0004EPSS
A vulnerability was found in DedeCMS 5.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /src/dede/mytag_edit.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed.....
4.3CVSS
6.6AI Score
0.0004EPSS
A vulnerability was found in DedeCMS 5.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /src/dede/mytag_edit.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed.....
4.3CVSS
4.9AI Score
0.0004EPSS
A vulnerability was found in DedeCMS 5.7 and classified as problematic. This issue affects some unknown processing of the file /src/dede/tpl.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be...
4.3CVSS
6.5AI Score
0.0004EPSS
A vulnerability has been found in DedeCMS 5.7 and classified as problematic. This vulnerability affects unknown code of the file /src/dede/shops_delivery.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public...
4.3CVSS
5AI Score
0.0004EPSS
A vulnerability has been found in DedeCMS 5.7 and classified as problematic. This vulnerability affects unknown code of the file /src/dede/shops_delivery.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public...
4.3CVSS
6.7AI Score
0.0004EPSS
CVE-2024-4589 DedeCMS mytag_edit.php cross-site request forgery
A vulnerability was found in DedeCMS 5.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /src/dede/mytag_edit.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed.....
4.3CVSS
5AI Score
0.0004EPSS
CVE-2024-4588 DedeCMS mytag_add.php cross-site request forgery
A vulnerability was found in DedeCMS 5.7. It has been classified as problematic. Affected is an unknown function of the file /src/dede/mytag_add.php. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and....
4.3CVSS
5AI Score
0.0004EPSS
CVE-2024-4587 DedeCMS tpl.php cross-site request forgery
A vulnerability was found in DedeCMS 5.7 and classified as problematic. This issue affects some unknown processing of the file /src/dede/tpl.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be...
4.3CVSS
4.9AI Score
0.0004EPSS
CVE-2024-4586 DedeCMS shops_delivery.php cross-site request forgery
A vulnerability has been found in DedeCMS 5.7 and classified as problematic. This vulnerability affects unknown code of the file /src/dede/shops_delivery.php. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public...
4.3CVSS
5AI Score
0.0004EPSS
A vulnerability, which was classified as problematic, was found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/member_type.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and....
4.3CVSS
6.5AI Score
0.0004EPSS
A vulnerability, which was classified as problematic, was found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/member_type.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and....
4.3CVSS
4.8AI Score
0.0004EPSS
CVE-2024-4585 DedeCMS member_type.php cross-site request forgery
A vulnerability, which was classified as problematic, was found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/member_type.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and....
4.3CVSS
4.9AI Score
0.0004EPSS
CVE-2024-4585 DedeCMS member_type.php cross-site request forgery
A vulnerability, which was classified as problematic, was found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/member_type.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and....
4.3CVSS
6.6AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through use after...
6.5CVSS
7.5AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through use after...
6.5CVSS
6.8AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer...
6.5CVSS
6.9AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through integer...
3.3CVSS
6.7AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through integer...
3.3CVSS
3.9AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer...
6.5CVSS
7.6AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after...
6.5CVSS
7.5AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after...
6.5CVSS
6.8AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free or cause DOS through NULL pointer...
5.2CVSS
7.6AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through NULL pointer...
3.3CVSS
6.6AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through NULL pointer...
3.3CVSS
3.9AI Score
0.0004EPSS
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free or cause DOS through NULL pointer...
5.2CVSS
5.8AI Score
0.0004EPSS
CVE-2024-3759 Hmdfs has a use after free vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through use after...
6.5CVSS
7AI Score
0.0004EPSS
CVE-2024-3759 Hmdfs has a use after free vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through use after...
6.5CVSS
7.5AI Score
0.0004EPSS
CVE-2024-3758 Hmdfs has a heap buffer overflow vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer...
6.5CVSS
7.2AI Score
0.0004EPSS
CVE-2024-3757 Arkcompiler runtime has an integer overflow vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through integer...
3.3CVSS
6.8AI Score
0.0004EPSS
CVE-2024-3757 Arkcompiler runtime has an integer overflow vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through integer...
3.3CVSS
4.3AI Score
0.0004EPSS
CVE-2024-31078 Bluetooth Service has a use after free vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through NULL pointer...
3.3CVSS
4.3AI Score
0.0004EPSS
CVE-2024-31078 Bluetooth Service has a use after free vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause service crash through NULL pointer...
3.3CVSS
6.7AI Score
0.0004EPSS
CVE-2024-23808 Arkcompiler ets frontend has an out-of-bounds read vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free or cause DOS through NULL pointer...
5.2CVSS
6.2AI Score
0.0004EPSS
CVE-2024-27217 MSDP has a use after free vulnerability
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after...
6.5CVSS
7AI Score
0.0004EPSS
CmsEasy v7.7.7.9 was discovered to contain a local file inclusion vunerability via the file_get_contents function in the fckedit_action method of /admin/template_admin.php. This vulnerability allows attackers to read arbitrary...
7AI Score
0.0004EPSS
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1490-1)
The remote host is missing an update for...
7.8CVSS
7.1AI Score
EPSS
8CVSS
7.3AI Score
0.0005EPSS
Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6765-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6765-1 advisory. In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed...
7.8CVSS
7.5AI Score
EPSS
CmsEasy v7.7.7.9 was discovered to contain a local file inclusion vunerability via the file_get_contents function in the fckedit_action method of /admin/template_admin.php. This vulnerability allows attackers to read arbitrary...
7.1AI Score
0.0004EPSS
3.7CVSS
4.4AI Score
0.001EPSS
7.8CVSS
5.9AI Score
0.0004EPSS
Releases Ubuntu 20.04 LTS Ubuntu 18.04 ESM Packages linux - Linux kernel linux-aws - Linux kernel for Amazon Web Services (AWS) systems linux-aws-5.4 - Linux kernel for Amazon Web Services (AWS) systems linux-azure - Linux kernel for Microsoft Azure Cloud systems linux-azure-5.4 - Linux kernel...
7.8CVSS
6.8AI Score
0.0004EPSS
3.7CVSS
4.4AI Score
0.001EPSS
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1466-1)
The remote host is missing an update for...
7.8CVSS
7.1AI Score
EPSS
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1480-1)
The remote host is missing an update for...
7.8CVSS
7.1AI Score
EPSS