-
CVE-2024-45343 – Adobe Flash PathTraversal
CVE ID : CVE-2024-45343 Published : Jan. 8, 2025, 8:15 p.m. | 1 hour, 28 minutes ago Description : Rejected reason: reserved but not needed Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more… Go to Source
-
CVE-2024-13189 – ZeroWdd MyBlog Remote File Permission Bypass Vulnerability
CVE ID : CVE-2024-13189 Published : Jan. 8, 2025, 8:15 p.m. | 1 hour, 28 minutes ago Description : A vulnerability classified as critical has been found in ZeroWdd myblog 1.0. This affects an unknown part of the file src/main/java/com/wdd/myblog/config/MyBlogMvcConfig.java. The manipulation leads to permission issues. It is possible to initiate the attack remotely. The exploit has…
-
CVE-2025-22141 – WeGIA Web Manager SQL Injection Vulnerability
CVE ID : CVE-2025-22141 Published : Jan. 8, 2025, 7:15 p.m. | 2 hours, 28 minutes ago Description : WeGIA is a web manager for charitable institutions. A SQL Injection vulnerability was identified in the /dao/verificar_recursos_cargo.php endpoint, specifically in the cargo parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability…
-
CVE-2025-22140 – WeGIA SQL Injection Vulnerability (Authenticated)
CVE ID : CVE-2025-22140 Published : Jan. 8, 2025, 7:15 p.m. | 2 hours, 28 minutes ago Description : WeGIA is a web manager for charitable institutions. A SQL Injection vulnerability was identified in the /html/funcionario/dependente_listar_um.php endpoint, specifically in the id_dependente parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability…
-
CVE-2025-0291 – Google Chrome Type Confusion Vulnerability
CVE ID : CVE-2025-0291 Published : Jan. 8, 2025, 7:15 p.m. | 2 hours, 28 minutes ago Description : Type Confusion in V8 in Google Chrome prior to 131.0.6778.264 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Severity: 8.3 | HIGH Visit the link for…
-
CVE-2024-51442 – Minidlna Command Injection Vulnerability
CVE ID : CVE-2024-51442 Published : Jan. 8, 2025, 6:15 p.m. | 3 hours, 28 minutes ago Description : Command Injection in Minidlna version v1.3.3 and before allows an attacker to execute arbitrary OS commands via a specially crafted minidlna.conf configuration file. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected…
-
CVE-2024-54818 – SourceCodester Computer Laboratory Management System Unauthenticated Remote OS Command Injection
CVE ID : CVE-2024-54818 Published : Jan. 8, 2025, 7:15 p.m. | 2 hours, 28 minutes ago Description : SourceCodester Computer Laboratory Management System 1.0 is vulnerable to Incorrect Access Control. via /php-lms/admin/?page=user/list. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more… Go to Source
-
CVE-2025-22137 – Pingvin Share File Traversal
CVE ID : CVE-2025-22137 Published : Jan. 8, 2025, 4:15 p.m. | 5 hours, 28 minutes ago Description : Pingvin Share is a self-hosted file sharing platform and an alternative for WeTransfer. This vulnerability allows an authenticated or unauthenticated (if anonymous shares are allowed) user to overwrite arbitrary files on the server, including sensitive system files, via…
-
CVE-2024-55517 – Polaris FT Intellect Core Banking SQL Injection
CVE ID : CVE-2024-55517 Published : Jan. 8, 2025, 4:15 p.m. | 5 hours, 28 minutes ago Description : An issue was discovered in the Interllect Core Search in Polaris FT Intellect Core Banking 9.5. Input passed through the groupType parameter in /SCGController is mishandled before being used in SQL queries, allowing SQL injection in an authenticated…
-
CVE-2024-55656 – Redis RedisBloom Probabilistic Data Structures Integer Overflow Information Leak Out-of-Bounds Write
CVE ID : CVE-2024-55656 Published : Jan. 8, 2025, 4:15 p.m. | 5 hours, 28 minutes ago Description : RedisBloom adds a set of probabilistic data structures to Redis. There is an integer overflow vulnerability in RedisBloom, which is a module used in Redis. The integer overflow vulnerability allows an attacker (a redis client which knows the…