PT-2024-6622 · Microsoft · Edge
Name of the Vulnerable Software and Affected Versions: Microsoft Edge Chromium-based affected versions not specified Description: The issue is related to a buffer overflow in memory, which can be exploited by a remote attacker to execute arbitrary code. This is a remote code execution vulnerabili...
PT-2024-6491 · Advantech · Adam-5630
Name of the Vulnerable Software and Affected Versions: Advantech ADAM-5630 affected versions not specified Description: The issue is related to a cross-site request forgery (CSRF) vulnerability, which allows an attacker to partly circumvent the same origin policy. This policy is designed to prevent...
PT-2024-31513
Name of the Vulnerable Software and Affected Versions: BYOB affected versions not specified Description: The issue concerns unauthenticated remote code execution on BYOB via arbitrary file write. A research paper was written on this topic, but there was an incident involving the theft of this...
PT-2024-6297 · Microsoft · Office Excel
Name of the Vulnerable Software and Affected Versions: Microsoft Excel affected versions not specified Description: The issue is related to an elevation of privilege vulnerability in Microsoft Excel, which is associated with the use of memory after it has been freed. This could allow an attacker ...
PT-2024-6246 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a security feature bypass vulnerability in the Windows Security Zone Mapping component. This vulnerability is caused by incorrect path equivalence permissions...
PT-2024-7549 · Fortinet · Fortiadc Web Application Firewall
Name of the Vulnerable Software and Affected Versions: FortiADC Web Application Firewall (WAF) versions 6.0 through 7.4.4. FortiADC Web Application Firewall (WAF) version 7.4.5 and later are not affected, but the exact fixed version is not specified in the highest priority source, so we consider...
PT-2024-29424 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: A vulnerability has been identified, but details are not provided in the given information. There is a mention of a resource for vulnerability scanning. Recommendations: At the moment,...
PT-2024-31538 · Sap · Sap Gui
Name of the Vulnerable Software and Affected Versions: SAP GUI affected versions not specified Description: The issue allows a low-privileged user to perform a denial of service on any user and also change or delete favourite nodes. This is achieved by sending a crafted packet in the function...
PT-2024-40932 · Strason · Strason
Name of the Vulnerable Software and Affected Versions: strason affected versions not specified Description: The strason project has been archived by its developer and will no longer be maintained. Recommendations: At the moment, there is no information about a newer version that contains a fix fo...
PT-2024-6629 · Loway · Loway Queuemetrics
Name of the Vulnerable Software and Affected Versions: Loway QueueMetrics affected versions not specified Description: The issue is related to a URL redirection to an untrusted site, also known as an 'Open Redirect'. This occurs when loading the login page, allowing a remote attacker to redirect ...
PT-2024-18570 · Mediatek · Mediatek
Name of the Vulnerable Software and Affected Versions: MediaTek products affected versions not specified Description: The issue is related to a possible out of bounds read due to a missing bounds check, which could lead to local information disclosure with System execution privileges needed. User...
PT-2024-31525 · Sayful Islam · Carousel Slider
Name of the Vulnerable Software and Affected Versions: WordPress plugin Carousel Slider affected versions not specified Description: The WordPress plugin Carousel Slider provided by Sayful Islam contains a cross-site request forgery issue on the Hero image selection feature. When a user is logged...
PT-2024-40032 · Pypi · Spam
Name of the Vulnerable Software and Affected Versions: spam project on PyPI affected versions not specified Description: The issue concerns a compromise of the spam project on PyPI via a phishing attack, leading to a malicious release that downloads and runs malware at install time by accessing...
PT-2024-38944 · Gether Technology · 6Shr System
Name of the Vulnerable Software and Affected Versions: 6SHR system from Gether Technology affected versions not specified Description: The 6SHR system from Gether Technology does not properly validate the specific page parameter, allowing remote attackers with regular privilege to inject SQL...
PT-2024-29357 · Unknown · Instantcms
Name of the Vulnerable Software and Affected Versions: InstantCMS affected versions not specified Description: The issue is related to Stored Cross Site Scripting (XSS). Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...
PT-2024-29874 · Hargal · Hargal
Name of the Vulnerable Software and Affected Versions: Hargal affected versions not specified Description: The issue is related to improper access control, which is classified as CWE-284. This is a critical issue with a high severity score. No information is provided about the estimated number of...
PT-2024-30029 · Unknown · School Management System
Name of the Vulnerable Software and Affected Versions: School Management System affected versions not specified Description: The issue is related to a SQL injection vulnerability. It occurs via the medium parameter at the "paidclass.php" endpoint. There is no information provided about the...
PT-2024-30036 · Unknown · School Management System
Name of the Vulnerable Software and Affected Versions: School Management System affected versions not specified Description: A SQL injection issue was discovered in the School Management System via the medium parameter at the "substaff.php" endpoint. This allows for potential exploitation. No...
PT-2024-29522 · Barix · Barix
Name of the Vulnerable Software and Affected Versions: Barix affected versions not specified Description: The issue concerns exposure of sensitive information to an unauthorized actor. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...
PT-2024-24983 · Google · Nest
Name of the Vulnerable Software and Affected Versions: Nest production devices affected versions not specified Description: The issue concerns the libcurl CURLOPT_SSL_VERIFYPEER option being disabled on a subset of requests made by Nest production devices. This enabled a potential man-in-the-midd...