133 matches found

OSV
added 2024/10/22 5:15 p.m. · 2 views

CVE-2024-48570

Client Management System 1.0 was discovered to contain a SQL injection vulnerability via the Between Dates Reports parameter at /admin/bwdates-reports-ds.php...

7.5 CVSS · 5.8 AI score · 0.00502 EPSS
Exploits 1 · References 1
NVD
added 2024/10/22 5:15 p.m. · 21 views

CVE-2024-48570

Client Management System 1.0 was discovered to contain a SQL injection vulnerability via the Between Dates Reports parameter at /admin/bwdates-reports-ds.php...

7.5 CVSS · 0.00502 EPSS
Exploits 1 · References 1
Positive Technologies
added 2024/10/22 12:0 a.m. · 2 views

PT-2024-33150 · Unknown · Client Management System

Name of the Vulnerable Software and Affected Versions: Client Management System version 1.0 Description: A SQL injection issue was discovered in the Client Management System via the Between Dates Reports parameter at the "/admin/bwdates-reports-ds.php" API endpoint. Recommendations: For Client...

7.5 CVSS · 7.9 AI score · 0.00502 EPSS
Exploits 1 · References 4
CNNVD
added 2024/10/22 12:0 a.m. · 1 view

Client Management System SQL Injection Vulnerability

Client Management System is a system for managing customer relationships by an individual Indian developer Haneen Gufran. A security vulnerability exists in Client Management System version 1.0 that originates from SQL injection in the Between Dates Reports parameter of the...

7.5 CVSS · 7.9 AI score · 0.00502 EPSS
Exploits 1 · References 2
CVE
added 2024/10/22 12:0 a.m. · 50 views

CVE-2024-48570

CVE-2024-48570 affects Client Management System 1.0. A SQL injection vulnerability exists in the Between Dates Reports parameter of the /admin/bwdates-reports-ds.php endpoint. The CVSS 3.1 base score is 7.5 (High) with Confidentiality impact High; no integrity/availability impact described. Conne...

7.5 CVSS · 8.3 AI score · 0.00502 EPSS
Exploits 1 · References 1 · Affected Software 1
Cvelist
added 2024/10/22 12:0 a.m. · 12 views

CVE-2024-48570

Client Management System 1.0 was discovered to contain a SQL injection vulnerability via the Between Dates Reports parameter at /admin/bwdates-reports-ds.php...

0.00502 EPSS
Exploits 1 · References 1
Vulnrichment
added 2024/10/22 12:0 a.m. · 20 views

CVE-2024-48570

Client Management System 1.0 was discovered to contain a SQL injection vulnerability via the Between Dates Reports parameter at /admin/bwdates-reports-ds.php...

8.5 AI score · 0.00502 EPSS
Exploits 1 · References 1
RedHat Linux
added 2024/09/16 12:24 p.m. · 4 views

mozilla: Garbage collection could mis-color cross-compartment objects in OOM conditions

The Mozilla Foundation's Security Advisory: The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption...

9.8 CVSS · 7.3 AI score · 0.00719 EPSS
Exploits 0 · References 8
BDU FSTEC
added 2024/09/12 12:0 a.m. · 3 views

The vulnerability of the ConditionalStream::ConditionalStream class (in the ConditionalStream.cpp module) of the “Red Database” database management system allows an attacker to cause a service failure on the server.

The vulnerability of the ConditionalStream::ConditionalStream class in the ConditionalStream.cpp module of the “Red Database” database management system is related to the use of the BETWEEN operator in the WHERE clause during query preparation. Exploiting this vulnerability can allow an attacker ...

6.5 CVSS · 5.5 AI score
Exploits 0 · References 1 · Affected Software 1
Tenable Nessus
added 2024/06/26 12:0 a.m. · 26 views

SUSE SLES15 Security Update : kernel (Live Patch 10 for SLE 15 SP5) (SUSE-SU-2024:2207-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2207-1 advisory. This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: - CVE-2024-26852: Fixed...

7.8 CVSS · 7 AI score · 0.00948 EPSS
Exploits 0 · References 28
OSV
added 2024/04/17 6:15 p.m. · 4 views

CVE-2024-30985

SQL Injection vulnerability in "B/W Dates Reports" page in phpgurukul Client Management System using PHP & MySQL 1.1 allows attacker to execute arbitrary SQL commands via "todate" and "fromdate" parameters...

9.8 CVSS · 6.1 AI score · 0.00695 EPSS
Exploits 1 · References 1
Vulnrichment
added 2024/02/27 6:46 p.m. · 11 views

CVE-2021-46958 btrfs: fix race between transaction aborts and fsyncs leading to use-after-free

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between transaction aborts and fsyncs leading to use-after-free There is a race between a task aborting a transaction during a commit, a task doing an fsync and the transaction kthread, which leads to an...

6.1 AI score · 0.00231 EPSS
Exploits 0 · References 4
The Hacker News
added 2023/12/21 4:48 p.m. · 40 views

Experts Detail Multi-Million Dollar Licensing Model of Predator Spyware

A new analysis of the sophisticated commercial spyware called Predator has revealed that its ability to persist between reboots is offered as an "add-on feature" and that it depends on the licensing options opted by a customer. "In 2021, Predator spyware couldn't survive a reboot on the infected...

6.9 AI score
Exploits 0
Citrix
added 2023/12/21 12:0 a.m. · 5 views

Difference between normalvalue and thresholdvalue under SNMP configuration

This article explains the difference between thresholdValue and normalValue under SNMP configuration...

7.1 AI score
Exploits 0
Cvelist
added 2023/12/14 9:31 p.m. · 21 views

CVE-2023-49345

Temporary data passed between application components by Budgie Extras Takeabreak applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false...

6 CVSS · 7.5 AI score · 0.00303 EPSS
Exploits 0 · References 3
CNNVD
added 2023/12/14 12:0 a.m. · 2 views

Ubuntu Budgie Extras Security Vulnerability

Ubuntu Budgie Extras is a package in the Ubuntu Budgie open source. A security vulnerability exists in Ubuntu Budgie Extras that stems from temporary data passed between application components that could be viewed or manipulated...

7.8 CVSS · 6.8 AI score · 0.00303 EPSS
Exploits 0 · References 5
CNNVD
added 2023/12/14 12:0 a.m. · 3 views

Ubuntu Budgie Extras Security Vulnerability

Ubuntu Budgie Extras is a package in the Ubuntu Budgie open source. A security vulnerability exists in Ubuntu Budgie Extras that stems from temporary data passed between application components that could be viewed or manipulated...

7.8 CVSS · 6.8 AI score · 0.00303 EPSS
Exploits 0 · References 5
Positive Technologies
added 2023/12/06 12:0 a.m. · 3 views

PT-2023-32637 · Unknown · Quarkus Cache Runtime

Name of the Vulnerable Software and Affected Versions: Quarkus Cache Runtime affected versions not specified Description: A flaw was found in the Quarkus Cache Runtime. When request processing utilizes a Uni cached using @CacheResult and the cached Uni reuses the initial "completion" context, the...

5.3 CVSS · 6.3 AI score · 0.00631 EPSS
Exploits 0 · References 12
OSV
added 2023/11/14 12:0 a.m. · 59 views

ALSA-2023:7077 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: tun: avoid double free in tun_free_netdev CVE-2022-4744 kernel: net/sched: multiple vulnerabilities CVE-2023-3609, CVE-2023-3611, CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208...

8.8 CVSS · 9 AI score · 0.03915 EPSS
Exploits 9 · References 105
UbuntuCve
added 2023/08/29 10:15 p.m. · 22 views

CVE-2023-4611

A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak...

7 CVSS · 6.7 AI score · 0.00255 EPSS
Exploits 1 · References 3