CVE-2024-46292 : OWASP MODSECURITY 3.0.12 INPUT NAME DENIAL OF SERVICE
Description A buffer overflow in modsecurity v3.0.12 allows attackers to cause a Denial of Service (DoS) via a crafted input inserted into the name parameter.…
CVE-2024-25825 : FYDEOS FOR PC EMPTY PASSWORD IN CONFIGURATION FILE
Description FydeOS for PC 17.1 R114, FydeOS for VMware 17.0 R114, FydeOS for You 17.1 R114, and OpenFyde R114 were discovered to be configured with…
CVE-2024-8015 : PROGRESS TELERIK REPORTING UP TO 10.2.24.806 EXTERNALLY-CONTROLLED INPUT TO SELECT CLASSES OR CODE
Description In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code execution attack is possible through object injection via an insecure…
CVE-2024-47422 : ADOBE FRAMEMAKER UP TO 2020.6/2022.4 UNTRUSTED SEARCH PATH
Description Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker…
CVE-2024-47666 : LINUX KERNEL UP TO 6.6.50/6.10.9 PM80XX PM8001_PHY_CONTROL STACK-BASED OVERFLOW
Description In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Set phy->enable_completion only when we wait for it pm8001_phy_control() populates the enable_completion…
CVE-2024-9286 : TRTEK SOFTWARE DISTANT EDUCATION PLATFORM PRIOR 3.2024.11 SQL INJECTION
Description Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), Improper Input Validation vulnerability in TRtek Software Distant Education Platform allows SQL…