CVE-2024-45623 : D-LINK DAP-2310 1.16RC028 ATP BINARY STACK-BASED OVERFLOW
Description D-Link DAP-2310 Hardware A Firmware 1.16RC028 allows remote attackers to execute arbitrary code via a stack-based buffer overflow in
Description ASIS (aka Aplikasi Sistem Sekolah using CodeIgniter 3) 3.0.0 through 3.2.0 allows index.php username SQL injection for Authentication Bypass.
Description A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0. It has been rated as critical.
Description In the Linux kernel, the following vulnerability has been resolved: fuse: Initialize beyond-EOF page contents before setting uptodate fuse_notify_store(),
Description Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. As of quinn-proto 0.11, it is possible
Description Hoverfly is a lightweight service virtualization / API simulation / API mocking tool for developers and testers. The `/api/v2/simulation` POST
Description Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in NAC Telecommunication Systems Inc. NACPremium
Description Memory corruption while releasing shared resources in MinkSocket listener thread. References https://docs.qualcomm.com/product/publicresources/securitybulletin/september-2024-bulletin.html
Description The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for
Description A vulnerability was found in code-projects Hospital Management System 1.0. It has been rated as critical. Affected by this
Description In the Linux kernel, the following vulnerability has been resolved: kcm: Serialise kcm_sendmsg() for the same socket. syzkaller reported
Description Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an incorrect privilege assignment vulnerability. A local high privileged attacker could
Description IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses default credentials for potentially critical functionality. References https://www.ibm.com/support/pages/node/7166947
Description Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection in the reports module. References https://www.manageengine.com/products/exchange-reports/advisory/CVE-2024-6204.html
Description A flaw was found in libvirt. A refactor of the code fetching the list of interfaces for multiple APIs
Description In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID
Description One Identity Safeguard for Privileged Passwords before 7.5.2 allows unauthorized access because of an issue related to cookies. This
Description The HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics plugin for WordPress is vulnerable to Stored Cross-Site
Description Deserialization of Untrusted Data vulnerability in eyecix JobSearch allows Object Injection. This issue affects JobSearch: from n/a through 2.5.3. References
Description Delta Electronics DTN Soft version 2.0.1 and prior are vulnerable to an attacker achieving remote code execution through a
Description In function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked.
Description The AWS Cloud Development Kit (CDK) is an open-source framework for defining cloud infrastructure using code. Customers use it
Description D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE) vulnerability via the tomography_ping_address parameter in
Description Apollo Federation is an architecture for declaratively composing APIs into a unified graph. Each team can own their slice