USN-6744-1 pillow vulnerability

Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which could lead to a buffer overflow. If a user or automated system were tricked into processing a specially crafted ICC file, an attacker could possibly use this issue to cause a deni...

CVE-2018-25101

A vulnerability, which was classified as problematic, has been found in l2c2technologies Koha up to 20180108. This issue affects some unknown processing of the file /cgi-bin/koha/opac-MARCdetail.pl. The manipulation of the argument biblionumber with the input 2" leads to cross site scripting. The...

CVE-2024-3721

A vulnerability was found in TBK DVR-4104 and DVR-4216 up to 20240412 and classified as critical. This issue affects some unknown processing of the file /device.rsp?opt=sys&cmd=SOSTREAMAX. The manipulation of the argument mdb/mdc leads to os command injection. The attack may be initiated remotely...

CVE-2024-3721 TBK DVR-4104/DVR-4216 os command injection

A vulnerability was found in TBK DVR-4104 and DVR-4216 up to 20240412 and classified as critical. This issue affects some unknown processing of the file /device.rsp?opt=sys&cmd=SOSTREAMAX. The manipulation of the argument mdb/mdc leads to os command injection. The attack may be initiated remotely...

CVE-2024-3617

Summary of CVE-2024-3617 : A SQL injection vulnerability affects SourceCodester Kortex Lite Advocate Office Management System 1.0, specifically in the file /control/deactivate_case.php where manipulating the argument id enables injection. The issue is exploitable remotely over the network with li...

CVE-2024-3524

A vulnerability, which was classified as problematic, has been found in Campcodes Online Event Management System 1.0. This issue affects some unknown processing of the file /views/process.php. The manipulation of the argument name leads to cross site scripting. The attack may be initiated remotel...

CVE-2024-3432

A vulnerability was found in PuneethReddyHC Event Management 1.0. It has been rated as critical. This issue affects some unknown processing of the file /backend/register.php. The manipulation of the argument eventid/fullname/email/mobile/college/branch leads to sql injection. The attack may be...

CVE-2024-3001

A vulnerability, which was classified as critical, has been found in code-projects Online Book System 1.0. This issue affects some unknown processing of the file /Product.php. The manipulation of the argument value leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2024-2995

A vulnerability was found in NUUO Camera up to 20240319 and classified as problematic. This issue affects some unknown processing of the file /deletefile.php. The manipulation of the argument filename leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed...

CVE-2024-2944

CVE-2024-2944 concerns Campcodes Online Examination System 1.0. The vulnerability is an SQL injection in the /adminpanel/admin/query/deleteCourseExe.php file, triggered by manipulating the id parameter. The issue originates from the handling of the id input, allowing remote attackers to craft req...

CVE-2024-2938

Campcodes Online Examination System 1.0 is affected by a SQL injection in the id parameter of /adminpanel/admin/facebox_modal/updateCourse.php. The vulnerability enables remote exploitation and a public exploit exists. Affected component is the updateCourse functionality, with the root cause bein...

CVE-2024-2775 Campcodes Online Marriage Registration System user-profile.php cross site scripting

A vulnerability, which was classified as problematic, has been found in Campcodes Online Marriage Registration System 1.0. This issue affects some unknown processing of the file /user/user-profile.php. The manipulation of the argument lname leads to cross site scripting. The attack may be initiat...

CVE-2024-2767

A vulnerability was found in Campcodes Complete Online Beauty Parlor Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be initiated...

CVE-2024-2712

A vulnerability, which was classified as critical, has been found in Campcodes Complete Online DJ Booking System 1.0. This issue affects some unknown processing of the file /admin/user-search.php. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated...

CVE-2024-2687

A vulnerability was found in Campcodes Online Job Finder System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/applicants/index.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has bee...

CVE-2024-2647

A vulnerability, which was classified as critical, has been found in Netentsec NS-ASG Application Security Gateway 6.3. This issue affects some unknown processing of the file /admin/singlelogin.php. The manipulation of the argument loginId leads to sql injection. The attack may be initiated...

CVE-2024-2483 Surya2Developer Hostel Management Service Password Change change-password.php cross-site request forgery

A vulnerability, which was classified as problematic, has been found in Surya2Developer Hostel Management Service 1.0. This issue affects some unknown processing of the file /change-password.php of the component Password Change Handler. The manipulation of the argument oldpassword leads to...

CVE-2024-23300

A use-after-free issue was addressed with improved memory management. This issue is fixed in GarageBand 10.4.11. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution...

SUSE-SU-2024:0832-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file bsc1219243...

CVE-2024-23248

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.4. Processing a file may lead to a denial-of-service or potentially disclose memory contents...