๐จ CVE-2024-30219
Active debug code vulnerability exists in MZK-MF300N all firmware versions. If a logged-in user who knows how to use the debug function accesses the device's management page, an unintended operation may be performed.
๐@cveNotify
Active debug code vulnerability exists in MZK-MF300N all firmware versions. If a logged-in user who knows how to use the debug function accesses the device's management page, an unintended operation may be performed.
๐@cveNotify
jvn.jp
JVNVU#91975826: Multiple vulnerabilities in PLANEX COMMUNICATIONS wireless LAN routers
Japan Vulnerability Notes
๐จ CVE-2024-30220
Command injection vulnerability in MZK-MF300N all firmware versions allows a network-adjacent unauthenticated attacker to execute an arbitrary command by sending a specially crafted request to a certain port.
๐@cveNotify
Command injection vulnerability in MZK-MF300N all firmware versions allows a network-adjacent unauthenticated attacker to execute an arbitrary command by sending a specially crafted request to a certain port.
๐@cveNotify
jvn.jp
JVNVU#91975826: Multiple vulnerabilities in PLANEX COMMUNICATIONS wireless LAN routers
Japan Vulnerability Notes
๐จ CVE-2024-31956
An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks proper buffer length checking, which can result in an Out-of-Bounds Write.
๐@cveNotify
An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks proper buffer length checking, which can result in an Out-of-Bounds Write.
๐@cveNotify
๐จ CVE-2024-36499
Vulnerability of unauthorized screenshot capturing in the WMS module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
๐@cveNotify
Vulnerability of unauthorized screenshot capturing in the WMS module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
๐@cveNotify
๐จ CVE-2024-36500
Privilege escalation vulnerability in the AMS module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
๐@cveNotify
Privilege escalation vulnerability in the AMS module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
๐@cveNotify
๐จ CVE-2024-36501
Memory management vulnerability in the boottime module
Impact: Successful exploitation of this vulnerability can affect integrity.
๐@cveNotify
Memory management vulnerability in the boottime module
Impact: Successful exploitation of this vulnerability can affect integrity.
๐@cveNotify
๐จ CVE-2024-22442
The vulnerability could be remotely exploited to bypass authentication.
๐@cveNotify
The vulnerability could be remotely exploited to bypass authentication.
๐@cveNotify
๐จ CVE-2024-33180
Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/saveParentControlInfo.
๐@cveNotify
Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/saveParentControlInfo.
๐@cveNotify
palm-vertebra-fe9 on Notion
saveParentControlInfo_1 | Notion
Overview
๐จ CVE-2024-33182
Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/addWifiMacFilter.
๐@cveNotify
Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnerability via the deviceId parameter at ip/goform/addWifiMacFilter.
๐@cveNotify
palm-vertebra-fe9 on Notion
addWifiMacFilter_1 | Notion
Overview
๐จ CVE-2024-35338
Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root.
๐@cveNotify
Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root.
๐@cveNotify
palm-vertebra-fe9 on Notion
Tenda i29v1.0 was discovered to contain a hardcoded | Notion
Overview
๐จ CVE-2024-40322
An issue was discovered in JFinalCMS v.5.0.0. There is a SQL injection vulnerablity via /admin/div_data/data
๐@cveNotify
An issue was discovered in JFinalCMS v.5.0.0. There is a SQL injection vulnerablity via /admin/div_data/data
๐@cveNotify
GitHub
CVE/JFinalCMS_SQL.md at main ยท KakeruJ/CVE
Contribute to KakeruJ/CVE development by creating an account on GitHub.
๐จ CVE-2008-3431
The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \\.\VBoxDrv device and calling DeviceIoControl to send a crafted kernel address.
๐@cveNotify
The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \\.\VBoxDrv device and calling DeviceIoControl to send a crafted kernel address.
๐@cveNotify
Flexera
Secunia Research
Flexera provides software licensing management, software compliance, installation and application packaging solutions to developers and their customers.