CVE-2024-20375 : CISCO UNIFIED COMMUNICATIONS MANAGER UP TO 15 SIP OUT-OF-BOUNDS WRITE
Description A vulnerability in the SIP call processing function of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications
Description The AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress plugin for WordPress is vulnerable to
Description This High severity Reflected XSS and CSRF (Cross-Site Request Forgery) vulnerability was introduced in versions 7.19.0, 7.20.0, 8.0.0, 8.1.0,
Description DrayTek Vigor 3900 before v1.5.1.5_Beta, DrayTek Vigor 2960 before v1.5.1.5_Beta and DrayTek Vigor 300B before v1.5.1.5_Beta were discovered to
Description Russh is a Rust SSH client & server library. Allocating an untrusted amount of memory allows any unauthenticated user
Description Apache Airflow, versions before 2.10.0, have a vulnerability that allows the developer of a malicious provider to execute a
Description CKAN is an open-source data management system for powering data hubs and data portals. If there were connection issues
Description The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may
Description Stack-based buffer overflow in Control FPWIN Pro version 7.7.2.0 and all previous versions may allow attackers to execute arbitrary
Description Dell SupportAssist for Home PCs Installer exe version 4.0.3 contains a privilege escalation vulnerability in the installer. A local
Description Hertzbeat is an open source, real-time monitoring system. Hertzbeat has an authenticated (user role) RCE via unsafe deserialization in
Description Kanister is a data protection workflow management tool. The kanister has a deployment called default-kanister-operator, which is bound with
Description Prior to 3385, the user-controlled role parameter enters the application in the Kubernetes::RoleVerificationsController. The role parameter flows into the
Description An Incorrect Authorization vulnerability was identified in GitHub Enterprise Server, allowing an attacker to update the title, assignees, and
Description An improper access control vulnerability in the Azure Managed Instance for Apache Cassandra allows an authenticated attacker to elevate
Description LF Edge eKuiper is a lightweight IoT data analytics and stream processing engine running on resource-constrained edge devices. A
Description MEGABOT is a fully customized Discord bot for learning and fun. The `/math` command and functionality of MEGABOT versions
Description In TRENDnet TEW-752DRU FW1.03B01, there is a buffer overflow vulnerability due to the lack of length verification for the
Description In the TP-Link RE365 V1_180213, there is a buffer overflow vulnerability due to the lack of length verification for
Description There is a LOW severity vulnerability affecting CPython, specifically the ‘http.cookies’ standard library module. When parsing cookies that contained
Description XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is
Description A Command Injection vulnerability exists in the do_upgrade_post function of the httpd binary in Linksys E1500 v1.0.06.001. As a
Description Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic
Description TruffleHog is a secrets scanning tool. Prior to v3.81.9, this vulnerability allows a malicious actor to craft data in