CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-48652
https://notcve.org/view.php?id=CVE-2024-48652
22 Oct 2024 — Cross Site Scripting vulnerability in camaleon-cms v.2.7.5 allows remote attacker to execute arbitrary code via the content group name field. • https://github.com/paragbagul111/CVE-2024-48652 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2024-48656
https://notcve.org/view.php?id=CVE-2024-48656
22 Oct 2024 — Cross Site Scripting vulnerability in student management system in php with source code v.1.0.0 allows a remote attacker to execute arbitrary code. • https://github.com/LeiPudd/Student-Management-System-v1.0-has-Cross-site-Scripting-XSS- • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-48657
https://notcve.org/view.php?id=CVE-2024-48657
22 Oct 2024 — SQL Injection vulnerability in hospital management system in php with source code v.1.0.0 allows a remote attacker to execute arbitrary code. • https://github.com/LeiPudd/Hospital-Management-System-v1.0-has-SQL-Injection-SQLDET- • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-40494
https://notcve.org/view.php?id=CVE-2024-40494
22 Oct 2024 — Buffer Overflow in coap_msg.c in FreeCoAP allows remote attackers to execute arbitrary code or cause a denial of service (stack buffer overflow) via a crafted packet. • https://gist.github.com/dqp10515/e9d7d663cb89187bfe7b39bb3aeb0113 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-26519
https://notcve.org/view.php?id=CVE-2024-26519
22 Oct 2024 — An issue in Casa Systems NTC-221 version 2.0.99.0 and before allows a remote attacker to execute arbitrary code via a crafted payload to the /www/cgi-bin/nas.cgi component. • https://cybercx.com.au/blog/zero-day-rce-in-netcomm-ntc-221-industrial-iot-m2m-lte-4g-router • CWE-306: Missing Authentication for Critical Function •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-50062 – RDMA/rtrs-srv: Avoid null pointer deref during path establishment
https://notcve.org/view.php?id=CVE-2024-50062
21 Oct 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/394b2f4d5e014820455af3eb5859eb328eaafcfd •
CVSS: 7.0EPSS: 0%CPEs: 7EXPL: 0CVE-2024-50059 – ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition
https://notcve.org/view.php?id=CVE-2024-50059
21 Oct 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/5126d8f5567f49b52e21fca320eaa97977055099 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-50049 – drm/amd/display: Check null pointer before dereferencing se
https://notcve.org/view.php?id=CVE-2024-50049
21 Oct 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/f4149eec960110ffd5bcb161075dd9f1d7773075 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-50046 – NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies()
https://notcve.org/view.php?id=CVE-2024-50046
21 Oct 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/0e65a32c8a569db363048e17a708b1a0913adbef •
CVSS: 3.3EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50044 – Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change
https://notcve.org/view.php?id=CVE-2024-50044
21 Oct 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/3241ad820dbb172021e0268b5611031991431626 •