864 matches found
CVE-2024-9807
A vulnerability was found in Craig Rodway Classroombookings 2.8.7 and classified as problematic. This issue affects some unknown processing of the file /sessions of the component Session Page. The manipulation of the argument Name leads to cross site scripting. The attack may be initiated remotel...
CVE-2024-9482
An out-of-bounds write in the engine module in AVG/Avast Antivirus signature 24092400 released on 24/Sep/2024 on macOS allows a malformed Mach-O file to crash the application during file processing...
CVE-2024-9481
An out-of-bounds write in the engine module in AVG/Avast Antivirus signature 24092400 released on 24/Sep/2024 on macOS allows a malformed eml file to crash the application during file processing...
CVE-2024-9484
A null-pointer dereference in the engine module in AVG/Avast Antivirus signature 24092400 released on 24/Sep/2024 on macOS allows a malformed xar file to crash the application during file processing...
CVE-2024-9482
AVG/Avast Antivirus for macOS has an out-of-bounds write in the engine module triggered by malformed Mach-O files, potentially crashing the application during file processing. Affected are versions with signatures prior to 24092400. Remediation: update antivirus signature to 24092400 or later; as...
CVE-2024-9481 Out of Bounds write on scan of malformed eml file may crash the application
An out-of-bounds write in the engine module in AVG/Avast Antivirus signature 24092400 released on 24/Sep/2024 on macOS allows a malformed eml file to crash the application during file processing...
Apple macOS AppleVADriver Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing...
Apple macOS AppleGVA Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing...
CVE-2024-9079
A vulnerability was found in code-projects Student Record System 1.0 and classified as critical. This issue affects some unknown processing of the file /marks.php. The manipulation of the argument coursename leads to SQL injection. The attack may be initiated remotely. The exploit has been...
CVE-2024-9076
CVE-2024-9076 (DedeCMS) affects DedeCMS versions up to 5.7.115. The vulnerability is a command injection in the article_string_mix.php (or similar) processing path, enabling remote execution due to improper handling of command input. Public exploits/PoC are noted, and vendor contact was ineffecti...
CVE-2024-9031 CodeCanyon CRMGo SaaS show cross site scripting
A vulnerability, which was classified as problematic, has been found in CodeCanyon CRMGo SaaS up to 7.2. This issue affects some unknown processing of the file /project/task/taskid/show. The manipulation of the argument comment leads to cross site scripting. The attack may be initiated remotely...
CVE-2024-9031
CodeCanyon CRMGo SaaS (up to 7.2) has a cross-site scripting flaw in the /project/task/{task_id}/show endpoint triggered by the comment parameter. The issue may be exploited remotely and exploits have been disclosed publicly. Current remediation guidance in the connected docs is to disable access...
[SECURITY] Fedora 39 Update: ruby-3.2.5-183.fc39
Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks as in Perl. It is simple, straight-forward, and extensible...
CVE-2024-44154
A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7. Processing a maliciously crafted file may lead to unexpected app termination...
CVE-2024-44154
CVE-2024-44154 affects macOS components (Apple Graphics Control entry in macOS Sonoma 14.7 and macOS Sequoia 15). The issue is described as a memory initialization problem addressed by improved memory handling, with the impact that processing a maliciously crafted file may cause an application to...
CVE-2024-27880
An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, tvOS 18, visionOS 2, watchOS 11. Processing a maliciously crafted file may lead to unexpected app termination...
CVE-2024-8567
A vulnerability, which was classified as critical, has been found in itsourcecode Payroll Management System 1.0. This issue affects some unknown processing of the file /ajax.php?action=deletedeductions. The manipulation of the argument id leads to SQL injection. The attack may be initiated...
CVE-2024-8559
A vulnerability, which was classified as critical, has been found in SourceCodester Online Food Menu 1.0. This issue affects some unknown processing of the file /endpoint/delete-menu.php. The manipulation of the argument menu leads to SQL injection. The attack may be initiated remotely. The explo...
CVE-2024-8380
SourceCodester Contact Manager with Export to VCF 1.0 contains a SQL injection vulnerability in the Delete Contact Handler, specifically the /endpoint/delete-account.php endpoint. The issue arises from improper handling of the contact parameter, allowing remote exploitation. Public disclosure of ...