Show filters
322,506 Total Results
Displaying 11-20 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Unknown
CVE-2024-44845
Disclosure Date: September 06, 2024 (last updated September 07, 2024)
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection vulnerability via the value parameter in the filter_string function.
0
Attacker Value
Unknown
CVE-2024-44844
Disclosure Date: September 06, 2024 (last updated September 07, 2024)
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection vulnerability via the name parameter in the run_command function.
0
Attacker Value
Unknown
CVE-2024-34158
Disclosure Date: September 06, 2024 (last updated September 07, 2024)
Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.
0
Attacker Value
Unknown
CVE-2024-34156
Disclosure Date: September 06, 2024 (last updated September 07, 2024)
Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
0
Attacker Value
Unknown
CVE-2024-34155
Disclosure Date: September 06, 2024 (last updated September 07, 2024)
Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion.
0
Attacker Value
Unknown
CVE-2024-7652
Disclosure Date: September 06, 2024 (last updated September 07, 2024)
An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
0
Attacker Value
Unknown
CVE-2024-8394
Disclosure Date: September 06, 2024 (last updated September 07, 2024)
When aborting the verification of an OTR chat session, an attacker could have caused a use-after-free bug leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 128.2.
0
Attacker Value
Unknown
CVE-2024-38642
Disclosure Date: September 06, 2024 (last updated September 07, 2024)
An improper certificate validation vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow local network users to compromise the security of the system via unspecified vectors.
We have already fixed the vulnerability in the following version:
QuMagie 2.3.1 and later
0
Attacker Value
Unknown
CVE-2024-38641
Disclosure Date: September 06, 2024 (last updated September 07, 2024)
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local network users to execute commands via unspecified vectors.
We have already fixed the vulnerability in the following versions:
QTS 5.1.8.2823 build 20240712 and later
QuTS hero h5.1.8.2823 build 20240712 and later
0
Attacker Value
Unknown
CVE-2024-38640
Disclosure Date: September 06, 2024 (last updated September 07, 2024)
A cross-site scripting (XSS) vulnerability has been reported to affect Download Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.
We have already fixed the vulnerability in the following version:
Download Station 5.8.6.283 ( 2024/06/21 ) and later
0