CVE-2024-34722 : GOOGLE ANDROID 12/12L/13/14 BLE SMP_ACT.CC SMP_PROC_RAND IMPROPER AUTHENTICATION
Description In smp_proc_rand of smp_act.cc, there is a possible authentication bypass during legacy BLE pairing due to incorrect implementation of
Description In newServiceInfoLocked of AutofillManagerServiceImpl.java, there is a possible way to hide an enabled Autofill service app in the Autofill
Description ZKTeco ZKBio CVSecurity v6.1.1 was discovered to contain a hardcoded cryptographic key. References https://zkteco.eu/downloads/zkbio-cvsecurity-installation-files https://github.com/mrojz/ZKT-Bio-CVSecurity/blob/main/CVE-2024-36526.md For More Information CVERecord
Description SQL injection vulnerability in login.php in Itsourcecode Online Discussion Forum Project in PHP with Source Code 1.0 allows remote
Description A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos
Description SQL injection vulnerability in processscore.php in Learning Management System Project In PHP With Source Code 1.0 allows attackers to
Description Directory Travel in PHPVibe v11.0.46 due to incomplete blacklist checksums and directory checks, which can lead to code execution
Description In Docker Desktop on Windows before v4.31.0 allows a user in the docker-users group to cause a Windows Denial-of-Service
Description Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the `GenericReader::ParseNumber()` function of `include/rapidjson/reader.h` when
Description Elements of PDCE does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This
Description A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client on Windows enables a local user
Description A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623. A set of specially crafted network
Description NHibernate is an object-relational mapper for the .NET framework. A SQL injection vulnerability exists in some types implementing ILiteralType.ObjectToSQLString.
Description Improper Privilege Management vulnerability in Ekstrem Bir Bilgisayar Danismanlik Ic Ve Dis Ticaret Ltd. Sti. Extreme XDS allows Collect
Description The Houzez Theme – Functionality plugin for WordPress is vulnerable to SQL Injection via the ‘currency_code’ parameter in all
Description IBM MQ Operator 3.2.2 and IBM MQ Operator 2.0.24 could allow a user to bypass authentication under certain configurations
Description A vulnerability has been identified in Medicalis Workflow Orchestrator (All versions). The affected application executes as a trusted account
Description The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows
Description Apache NiFi 1.10.0 through 1.26.0 and 2.0.0-M1 through 2.0.0-M3 support a description field in the Parameter Context configuration that
Description Cross-site Scripting (XSS) – Stored in GitHub repository stitionai/devika prior to -. References https://huntr.com/bounties/6c00ff84-574b-4b4f-bd58-aa7ec1809662 https://github.com/stitionai/devika/commit/6acce21fb08c3d1123ef05df6a33912bf0ee77c2 For More Information CVERecord
Description IBM System Management for i 7.2, 7.3, and 7.4 could allow a local user to gain elevated privileges due
Description A vulnerability classified as problematic has been found in heyewei SpringBootCMS up to 2024-05-28. Affected is an unknown function
Description Server-Side Request Forgery (SSRF) vulnerability in Theme-Ruby Foxiz. This issue affects Foxiz: from n/a through 2.3.5. References https://patchstack.com/database/vulnerability/foxiz/wordpress-foxiz-theme-theme-2-3-5-server-side-request-forgery-ssrf-vulnerability?_s_id=cve For More
Description In the Linux kernel, the following vulnerability has been resolved: drm/drm_file: Fix pid refcounting race filp->pid is supposed to