813 matches found

RedHat Linux
added 2024/11/14 12:2 p.m., 1 views

webkitgtk: Processing a file may lead to unexpected app termination or arbitrary code execution

A flaw was found in WebKitGTK. Processing malicious web content can cause unexpected app termination or arbitrary code execution due to improper checks...

7.8 CVSS, 6.2 AI score, 0.00035 EPSS
Exploits 0, References 12

Tenable Nessus
added 2024/11/14 12:0 a.m., 16 views

Fedora 37 : nginx (2022-12721789aa)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-12721789aa advisory. Security: processing of a specially crafted mp4 file by the ngx_http_mp4_module might cause a worker process crash, worker process memory disclosure, o...

7.8 CVSS, 7.5 AI score, 0.00828 EPSS
Exploits 2, References 3

CVE
added 2024/11/11 2:31 p.m., 42 views

CVE-2024-11070

CVE-2024-11070 affects Sanluan PublicCMS 5.202406.d. The issue is a cross-site scripting vulnerability in the Tag Type Handler, specifically in the /admin/cmsTagType/save endpoint where manipulation of the argument name enables XSS. The vulnerability can be triggered remotely and the exploit has ...

5.4 CVSS, 4 AI score, 0.00127 EPSS
Exploits 1, References 3, Affected Software 1

CVE
added 2024/11/05 1:31 a.m., 40 views

CVE-2024-10809

CVE-2024-10809 impacts the Code-Projects E-Health Care System v1.0. The vulnerability lies in the web endpoint /Doctor/chat.php, where manipulating the parameters name (and by indication, also message) enables an SQL injection. This remote-access issue is described across multiple sources (NVD, ...

7.5 CVSS, 6.9 AI score, 0.00062 EPSS
Exploits 1, References 5, Affected Software 1

NVD
added 2024/11/03 9:15 a.m., 8 views

CVE-2024-10730

A vulnerability, which was classified as critical, has been found in Tongda OA up to 11.6. This issue affects some unknown processing of the file /pda/appcenter/webshow.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...

9.8 CVSS, 0.00244 EPSS
Exploits 1, References 4

CVE
added 2024/11/01 3:31 a.m., 46 views

CVE-2024-10618

CVE-2024-10618 affects Tongda OA 2017 up to 11.10. The vulnerability is a SQL injection in the repid parameter of /pda/reportshop/record_detail.php, exploitable remotely. Public exploit disclosure is noted. Connected sources (Red Hat/CVE lists, CNNVD, PT-Security, and Vuldb) consistently describe...

9.8 CVSS, 7 AI score, 0.00097 EPSS
Exploits 1, References 4, Affected Software 1

Vulnrichment
added 2024/10/28 9:8 p.m., 10 views

CVE-2024-44144

A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1, tvOS 18, watchOS 11, visionOS 2, iOS 18 and iPadOS 18. Processing a maliciously crafted file may lead to unexpected app termination...

6.3 AI score, 0.00026 EPSS
Exploits 0, References 7

Cvelist
added 2024/10/28 9:7 p.m., 12 views

CVE-2024-44218

This issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1. Processing a maliciously crafted file may lead to heap corruption...

0.00023 EPSS
Exploits 0, References 4

RedHat Linux
added 2024/10/28 1:13 a.m., 0 views

webkitgtk: Processing a file may lead to unexpected app termination or arbitrary code execution

A flaw was found in WebKitGTK. Processing malicious web content can cause unexpected app termination or arbitrary code execution due to improper checks...

7.8 CVSS, 6.2 AI score, 0.00035 EPSS
Exploits 0, References 12

CVE
added 2024/10/27 12:31 p.m., 44 views

CVE-2024-10416

The CVE-2024-10416 vulnerability affects Code-Projects Blood Bank Management System 1.0, in the processing of /file/cancel.php. The root cause is improper handling of the reqid parameter, leading to SQL injection. Exploitation can be remote, and public disclosure exists. No patch/version details ...

8.8 CVSS, 7.1 AI score, 0.00097 EPSS
Exploits 1, References 5, Affected Software 1

NVD
added 2024/10/10 7:15 p.m., 6 views

CVE-2024-9807

A vulnerability was found in Craig Rodway Classroombookings 2.8.7 and classified as problematic. This issue affects some unknown processing of the file /sessions of the component Session Page. The manipulation of the argument Name leads to cross site scripting. The attack may be initiated remotel...

5.1 CVSS, 0.00102 EPSS
Exploits 1, References 4

NVD
added 2024/10/04 1:15 p.m., 13 views

CVE-2024-9482

An out-of-bounds write in the engine module in AVG/Avast Antivirus signature 24092400 released on 24/Sep/2024 on MacOS allows a malformed Mach-O file to crash the application during file processing...

5.5 CVSS, 0.00045 EPSS
Exploits 0, References 1

NVD
added 2024/10/04 1:15 p.m., 14 views

CVE-2024-9481

An out-of-bounds write in the engine module in AVG/Avast Antivirus signature 24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing...

5.5 CVSS, 0.00059 EPSS
Exploits 0, References 1

OSV
added 2024/10/04 1:15 p.m., 1 views

CVE-2024-9481

An out-of-bounds write in the engine module in AVG/Avast Antivirus signature 24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing...

5.5 CVSS, 5.8 AI score
Exploits 0, References 1

Vulnrichment
added 2024/10/04 12:44 p.m., 9 views

CVE-2024-9484

A null-pointer-dereference in the engine module in AVG/Avast Antivirus signature 24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing...

5.1 CVSS, 6.8 AI score, 0.0008 EPSS
Exploits 0, References 1

CVE
added 2024/10/04 12:22 p.m., 40 views

CVE-2024-9482

AVG/Avast Antivirus for macOS has an out-of-bounds write in the engine module triggered by malformed Mach-O files, potentially crashing the application during file processing. Affected are versions with signatures prior to 24092400. Remediation: update antivirus signature to 24092400 or later; as...

5.5 CVSS, 5.3 AI score, 0.00045 EPSS
Exploits 0, References 1, Affected Software 2

Cvelist
added 2024/10/04 12:15 p.m., 12 views

CVE-2024-9481 Out of Bounds write on scan of malformed eml file may crash the application

An out-of-bounds write in the engine module in AVG/Avast Antivirus signature 24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing...

5.1 CVSS, 0.00059 EPSS
Exploits 0, References 1

Zero Day Initiative
added 2024/09/25 12:0 a.m., 7 views

Apple macOS AppleVADriver Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing...

4.3 CVSS, 4.9 AI score, 0.00051 EPSS
Exploits 0, References 1

Zero Day Initiative
added 2024/09/25 12:0 a.m., 3 views

Apple macOS AppleGVA Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing...

4.3 CVSS, 5.8 AI score, 0.00052 EPSS
Exploits 0, References 1

NVD
added 2024/09/22 5:15 a.m., 12 views

CVE-2024-9079

A vulnerability was found in code-projects Student Record System 1.0 and classified as critical. This issue affects some unknown processing of the file /marks.php. The manipulation of the argument coursename leads to sql injection. The attack may be initiated remotely. The exploit has been...

9.8 CVSS, 0.00093 EPSS
Exploits 1, References 5