VulDB Recent Entries

A vulnerability was found in code-projects Simple Chat System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /add_user.php. The manipulation of the argument name/email/password/number leads to sql injection. This vulnerability is handled as CVE-2024-13039. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in CodeAstro Simple Loan Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php of the component Login. The manipulation of the argument email leads to sql injection. This vulnerability is known as CVE-2024-13038. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in 1000 Projects Attendance Tracking Management System 1.0. It has been classified as critical. Affected is the function attendance_report of the file /admin/report.php. The manipulation of the argument course_id leads to sql injection. This vulnerability is traded as CVE-2024-13037. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in code-projects Chat System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/update_room.php. The manipulation of the argument id/name/password leads to sql injection. The identification of this vulnerability is CVE-2024-13036. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability has been found in code-projects Chat System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/update_user.php. The manipulation of the argument id leads to sql injection. This vulnerability was named CVE-2024-13035. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in code-projects Chat System 1.0. This affects an unknown part of the file /admin/update_user.php. The manipulation of the argument name leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-13034. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, has been found in code-projects Chat System 1.0. Affected by this issue is some unknown functionality of the file /admin/chatroom.php. The manipulation of the argument id leads to cross site scripting. This vulnerability is handled as CVE-2024-13033. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic was found in Antabot White-Jotter up to 0.2.2. Affected by this vulnerability is an unknown functionality of the file /admin/content/editor of the component Article Editor. The manipulation of the argument articleCover leads to server-side request forgery. This vulnerability is known as CVE-2024-13032. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic has been found in Antabot White-Jotter up to 0.2.2. Affected is an unknown function of the file /admin/content/editor of the component Article Content Editor. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-13031. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in D-Link DIR-823G 1.0.2B05_20181207. It has been rated as critical. This issue affects the function SetAutoRebootSettings/SetClientInfo/SetDMZSettings/SetFirewallSettings/SetParentsControlInfo/SetQoSSettings/SetVirtualServerSettings of the file /HNAP1/ of the component Web Management Interface. The manipulation leads to improper access controls. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. The identification of this vulnerability is CVE-2024-13030. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling.

A vulnerability was found in Linux Kernel up to 5.15.173/6.1.119/6.6.63/6.11.10/6.12.1. It has been declared as critical. This vulnerability affects the function reset_method_store of the component PCI. The manipulation leads to memory leak. This vulnerability was named CVE-2024-56745. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.1. It has been classified as critical. This affects the function nfs3_read_done of the component localio. The manipulation of the argument res.replen leads to memory corruption. This vulnerability is uniquely identified as CVE-2024-56740. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.1 and classified as problematic. Affected by this issue is some unknown functionality of the component nfs_common. The manipulation leads to Privilege Escalation. This vulnerability is handled as CVE-2024-56743. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.12.1 and classified as problematic. Affected by this vulnerability is the function __nvme_alloc_host_mem of the component nvme-pci. The manipulation leads to allocation of resources. This vulnerability is known as CVE-2024-56756. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.6.63/6.11.10/6.12.1. Affected is the function gf100_gr_chan_new of the component nouveau. The manipulation leads to denial of service. This vulnerability is traded as CVE-2024-56752. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.12.1. This issue affects the function sb_set_blocksize of the component erofs. The manipulation leads to Privilege Escalation. The identification of this vulnerability is CVE-2024-56750. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.12.1. This vulnerability affects the function qedf_alloc_and_init_sb of the component scsi. The manipulation leads to memory leak. This vulnerability was named CVE-2024-56748. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.12.1. This affects the function qedi_alloc_and_init_sb of the component scsi. The manipulation leads to memory leak. This vulnerability is uniquely identified as CVE-2024-56747. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.1. It has been rated as critical. Affected by this issue is the function sh7760fb_alloc_mem of the component fbdev. The manipulation leads to memory leak. This vulnerability is handled as CVE-2024-56746. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.11.10/6.12.1. It has been declared as critical. Affected by this vulnerability is the function mlx5vf_add_migration_pages of the component vfio. The manipulation leads to memory leak. This vulnerability is known as CVE-2024-56742. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.