CVE-2024-42633 : LINKSYS E1500 1.0.06.001 DO_UPGRADE_POST OS COMMAND INJECTION

Description A Command Injection vulnerability exists in the do_upgrade_post function of the httpd binary in Linksys E1500 v1.0.06.001. As a

Description Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic

Description TruffleHog is a secrets scanning tool. Prior to v3.81.9, this vulnerability allows a malicious actor to craft data in

Description A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326,

Description A vulnerability was found in itsourcecode Billing System 1.0. It has been rated as critical. This issue affects some

Description In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid memory access while processing fragmented

Description Like many other SSH implementations, Apache MINA SSHD suffered from the issue that is more widely known as CVE-2023-48795.

Description The Open eClass platform (formerly known as GUnet eClass) is a complete Course Management System. An arbitrary file upload

Description Authentication Bypass Using an Alternate Path or Channel vulnerability in GST Electronics inohom Nova Panel N7 allows Authentication Bypass.

Description Microsoft Office Spoofing Vulnerability. References https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38200 For More Information CVERecord

Description Microsoft Edge (HTML-based) Memory Corruption Vulnerability. References https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38218 For More Information CVERecord

Description The InfoScan client download page can be intercepted with a proxy, to expose filenames located on the system, which

Description VRCX is an assistant/companion application for VRChat. In versions prior to 2024.03.23, a CefSharp browser with over-permission and cross-site

Description NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user

Description Asterisk is an open source private branch exchange (PBX) and telephony toolkit. Prior to asterisk versions 18.24.2, 20.9.2, and

Description WD Discovery versions prior to 5.0.589 contain a misconfiguration in the Node.js environment settings that could allow code execution

Description anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append “;swagger-ui” to HTTP

Description Improper Control of Generation of Code (‘Code Injection’) vulnerability in Apache InLong. This issue affects Apache InLong: from 1.10.0

Description The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a

Description Improper Privilege Management vulnerability in Revmakx Backup and Staging by WP Time Capsule allows Privilege Escalation, Authentication Bypass. This

Description Improper Privilege Management vulnerability in IdeaBox PowerPack for Beaver Builder allows Privilege Escalation.This issue affects PowerPack for Beaver Builder:

Description A vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted® Slot feature

Description Elektra is an opinionated Openstack Dashboard for Operators and Consumers of Openstack Services. A code injection vulnerability was found