Export limit exceeded: 334425 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (334425 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-44557 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-27 | 8 High |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function setIptvInfo. | ||||
| CVE-2024-44555 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-27 | 9.8 Critical |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function setIptvInfo. | ||||
| CVE-2024-44553 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-27 | 8.8 High |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formGetIptv. | ||||
| CVE-2024-44550 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-27 | 8.8 High |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formGetIptv. | ||||
| CVE-2024-44549 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-27 | 6.6 Medium |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formGetIptv. | ||||
| CVE-2024-44558 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-27 | 8.8 High |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function setIptvInfo. | ||||
| CVE-2024-44556 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-27 | 6.6 Medium |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function setIptvInfo. | ||||
| CVE-2024-44565 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-27 | 8 High |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the serverName parameter in the function form_fast_setting_internet_set. | ||||
| CVE-2024-44563 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-08-27 | 8 High |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function setIptvInfo. | ||||
| CVE-2024-7968 | 1 Google | 1 Chrome | 2024-08-27 | 8.8 High |
| Use after free in Autofill in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-7967 | 1 Google | 1 Chrome | 2024-08-27 | 8.8 High |
| Heap buffer overflow in Fonts in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-7966 | 1 Google | 1 Chrome | 2024-08-27 | 8.8 High |
| Out of bounds memory access in Skia in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had compromised the renderer process to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-7964 | 1 Google | 2 Android, Chrome | 2024-08-27 | 8.8 High |
| Use after free in Passwords in Google Chrome on Android prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-36517 | 2 Manageengine, Zohocorp | 2 Adaudit Plus, Manageengine Adaudit Plus | 2024-08-27 | 8.3 High |
| Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in alerts module. | ||||
| CVE-2024-36516 | 2 Manageengine, Zohocorp | 2 Adaudit Plus, Manageengine Adaudit Plus | 2024-08-27 | 8.3 High |
| Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability (CVE-2024-36515), both of which have affected ADAudit Plus' dashboard. | ||||
| CVE-2024-36514 | 2 Manageengine, Zohocorp | 2 Adaudit Plus, Manageengine Adaudit Plus | 2024-08-27 | 8.3 High |
| Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in file summary option. | ||||
| CVE-2024-36515 | 2 Manageengine, Zohocorp | 2 Adaudit Plus, Manageengine Adaudit Plus | 2024-08-27 | 8.3 High |
| Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability (CVE-2024-36516), both of which have affected ADAudit Plus' dashboard. | ||||
| CVE-2024-8089 | 2 E-commerce System Project, Janobe | 2 E-commerce System, E-commerce System | 2024-08-27 | 6.3 Medium |
| A vulnerability was found in SourceCodester E-Commerce System 1.0. It has been classified as critical. Affected is an unknown function of the file /ecommerce/admin/products/controller.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-8087 | 2 Janobe, Sourcecodester | 2 E-commerce System, Ecommerce System | 2024-08-27 | 6.3 Medium |
| A vulnerability was found in SourceCodester E-Commerce System 1.0 and classified as critical. This issue affects some unknown processing of the file /ecommerce/popup_Item.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-8086 | 2 E-commerce System Project, Janobe | 2 E-commerce System, E-commerce System | 2024-08-27 | 7.3 High |
| A vulnerability has been found in SourceCodester E-Commerce System 1.0 and classified as critical. This vulnerability affects unknown code of the file /ecommerce/admin/login.php of the component Admin Login. The manipulation of the argument user_email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||