Description ASIS (aka Aplikasi Sistem Sekolah using CodeIgniter 3) 3.0.0 through 3.2.0 allows index.php username SQL injection for Authentication Bypass.
Description A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0. It has been rated as critical.
Description In the Linux kernel, the following vulnerability has been resolved: fuse: Initialize beyond-EOF page contents before setting uptodate fuse_notify_store(),
Description Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. As of quinn-proto 0.11, it is possible
Description Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and testers. The `/api/v2/simulation` POST
Description Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in NAC Telecommunication Systems Inc. NACPremium
Description Memory corruption while releasing shared resources in MinkSocket listener thread. References https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html For More Information CVERecord
Description The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for
Description A vulnerability was found in code-projects Hospital Management System 1.0. It has been rated as critical. Affected by this
Description In the Linux kernel, the following vulnerability has been resolved: kcm: Serialise kcm_sendmsg() for the same socket. syzkaller reported
Description Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contains an incorrect privilege assignment vulnerability. A local high privileged attacker could
Description IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses default credentials for potentially critical functionality. References https://www.ibm.com/support/pages/node/7166947
Description Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection in the reports module. References https://www.manageengine.com/products/exchange-reports/advisory/CVE-2024-6204.html
Description A flaw was found in libvirt. A refactor of the code fetching the list of interfaces for multiple APIs
Description In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID
Description One Identity Safeguard for Privileged Passwords before 7.5.2 allows unauthorized access because of an issue related to cookies. This
Description The HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics plugin for WordPress is vulnerable to Stored Cross-Site
Description Deserialization of Untrusted Data vulnerability in eyecix JobSearch allows Object Injection.This issue affects JobSearch: from n/a through 2.5.3. References
Description Delta Electronics DTN Soft version 2.0.1 and prior are vulnerable to an attacker achieving remote code execution through a
Description In function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked.
Description The AWS Cloud Development Kit (CDK) is an open-source framework for defining cloud infrastructure using code. Customers use it
Description D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability via the tomography_ping_address parameter in
Description Apollo Federation is an architecture for declaratively composing APIs into a unified graph. Each team can own their slice
Description Cross-Site Request Forgery (CSRF) vulnerability in WPMU DEV Hummingbird.This issue affects Hummingbird: from n/a through 3.9.1. References https://patchstack.com/database/vulnerability/hummingbird-performance/wordpress-hummingbird-plugin-3-9-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve For