Trend Micro Worry-Free Business Security (9.0, 9.5, 10.0) is affected by a directory traversal vulnerability
Overview : Trend Micro Worry-Free Business Security (9.0, 9.5, 10.0) is affected by a directory traversal vulnerability that could allow
vBulletin 5.5.4 allows Two SQL Injection Vulnerabilities
Overview : vBulletin 5.5.4 allows SQL Injection via the ajax/api/hook/getHookList or ajax/api/widget/getWidgetList where parameter. Affected Product(s) : vBulletin 5.5.4 Vulnerability
CVE-2023-22527 : ATLASSIAN CONFLUENCE DATA CENTER/CONFLUENCE SERVER PRIOR 8.5.4 TEMPLATE INJECTION
Description Summary of Vulnerability A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated
SQL injection vulnerability was discovered in Micro Focus Service Manager Automation (SMA)
Overview : An SQL injection vulnerability was discovered in Micro Focus Service Manager Automation (SMA), affecting versions 2019.08, 2019.05, 2019.02,
Missing Authentication for Critical Function in IP-AK2
Overview : In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the affected devices could
IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable to a buffer overflow
Overview : IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable to a buffer overflow, caused
CVE-2024-44589 : D-LINK DCS-960L 1.09 HNAP SERVICE LOGIN STACK-BASED OVERFLOW
Description Stack overflow vulnerability in the Login function in the HNAP service in D-Link DCS-960L with firmware 1.09 allows attackers
CVE-2024-23365 : QUALCOMM SNAPDRAGON AUTO UP TO WSA8845H MINKSOCKET LISTENER THREAD USE AFTER FREE
Description Memory corruption while releasing shared resources in MinkSocket listener thread. References https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html For More Information CVERecord
CVE-2024-41622 : D-LINK DIR-846W A1 FW100A43 /HNAP1/ TOMOGRAPHY_PING_ADDRESS OS COMMAND INJECTION
Description D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability via the tomography_ping_address parameter in
CVE-2024-42408 : DORSETT CONTROLS INFOSCAN 1.32/1.33/1.35 CLIENT DOWNLOAD PAGE PATH TRAVERSAL
Description The InfoScan client download page can be intercepted with a proxy, to expose filenames located on the system, which
CVE-2024-34722 : GOOGLE ANDROID 12/12L/13/14 BLE SMP_ACT.CC SMP_PROC_RAND IMPROPER AUTHENTICATION
Description In smp_proc_rand of smp_act.cc, there is a possible authentication bypass during legacy BLE pairing due to incorrect implementation of
CVE-2024-31310 : GOOGLE ANDROID 12/12L/13/14 AUTOFILL SERVICE APP UTOFILLMANAGERSERVICEIMPL.JAVA NEWSERVICEINFOLOCKED INPUT VALIDATION
Description In newServiceInfoLocked of AutofillManagerServiceImpl.java, there is a possible way to hide an enabled Autofill service app in the Autofill
CVE-2024-21473 : QUALCOMM SNAPDRAGON FILE NAME MEMORY CORRUPTION
Description Memory corruption while redirecting log file to any file location with any file name. References https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html For More Information
CVE-2024-2862 : LG ELECTRONICS LED ASSISTANT 2.1.65 PASSWORD IMPROPER AUTHENTICATION
Description This vulnerability allows remote attackers to reset the password of anonymous users without authorization on the affected LG LED
CVE-2024-22853 : D-LINK GO-RT-AC750 101B03 HARD-CODED PASSWORD
Description D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account, which allows remote attackers to obtain root access
CVE-2023-33045 : QUALCOMM 8 GEN 1 MOBILE PLATFORM NAN MANAGEMENT FRAME MEMORY CORRUPTION
Description Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute. References https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin For More
CVE-2023-33028 : Qualcomm QCN5054 WLAN Memory Corruption
Description Memory corruption in WLAN Firmware while doing a memory copy of pmk cache. References https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin For More Information CVERecord
CVE-2023-28581 : QUALCOMM WSA8835 WLAN FIRMWARE MEMORY CORRUPTION
Description Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE. References https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin For More Information CVERecord
CVE-2023-39213 : ZOOM DESKTOP CLIENT/VDI CLIENT UP TO 5.15.1 ON WINDOWS INJECTION
Description Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may allow
CVE-2023-36089 : D-LINK DIR-645 1.03 PHPCGI_MAIN IMPROPER AUTHENTICATION
Description ** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-645 firmware version 1.03 allows remote attackers to gain
CVE-2022-33211 : QUALCOMM WCD9330 MODEM MEMORY CORRUPTION
Description memory corruption in modem due to improper check while calculating size of serialized CoAP message. References https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin For More
CVE-2023-27216 : D-LINK DSL-3782 1.03 NETWORK SETTING PRIVILEGE ESCALATION
Description An issue found in D-Link DSL-3782 v.1.03 allows remote authenticated users to execute arbitrary code as root via the
CVE-2022-33256 : QUALCOMM WSA8835 MULTI-MODE CALL PROCESSOR MEMORY CORRUPTION
Description Memory corruption due to improper validation of array index in Multi-mode call processor. References https://www.qualcomm.com/company/product-security/bulletins/march-2023-bulletin For More Information MITRE
CVE-2023-25717 : RUCKUS WIRELESS ADMIN UP TO 10.4 HTTP GET REQUEST /FORMS/DOLOGIN REMOTE CODE EXECUTION
Description Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a