VulDB Recent Entries

A vulnerability was found in Linux Kernel up to 6.1.121/6.6.67/6.12.6. It has been classified as problematic. This affects the function ocelot_ifh_set_basic in the library lib/packing.c of the file net/dsa/tag_ocelot.c of the component mscc. The manipulation leads to injection. This vulnerability is uniquely identified as CVE-2024-56717. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.6 and classified as critical. Affected by this issue is the function export_udmabuf of the component udmabuf. The manipulation leads to memory leak. This vulnerability is handled as CVE-2024-56712. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.119/6.6.63/6.11.10/6.12.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the component RDMA. The manipulation leads to denial of service. This vulnerability is known as CVE-2024-56722. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Antabot White-Jotter up to 0.2.2. Affected is an unknown function of the file /admin/content/book of the component Edit Book Handler. The manipulation leads to server-side request forgery. This vulnerability is traded as CVE-2024-13029. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, has been found in Antabot White-Jotter up to 0.2.2. This issue affects some unknown processing of the file /login. The manipulation of the argument username leads to observable response discrepancy. The identification of this vulnerability is CVE-2024-13028. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic was found in Crypt::Random::Source up to 0.12 on Perl. This vulnerability affects the function rand. The manipulation leads to cryptographically weak prng. This vulnerability was named CVE-2018-25107. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in GNU Grub2 up to 2.12. This affects the function grub_crypto_memcmp. The manipulation leads to observable timing discrepancy. This vulnerability is uniquely identified as CVE-2024-56738. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in GNU Grub2 up to 2.12. It has been rated as critical. Affected by this issue is some unknown functionality of the file fs/hfs.c of the component HFS Filesystem Handler. The manipulation leads to heap-based buffer overflow. This vulnerability is handled as CVE-2024-56737. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability was found in kstover Ninja Forms Plugin up to 3.8.22 on WordPress. It has been declared as critical. Affected by this vulnerability is the function do_shortcode of the component Shortcode Handler. The manipulation leads to code injection. This vulnerability is known as CVE-2024-12238. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Codezips College Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Front-end/faculty.php. The manipulation of the argument book_name/book_author leads to sql injection. This vulnerability is traded as CVE-2024-13025. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Codezips Blood Bank Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /campaign.php. The manipulation of the argument cname leads to sql injection. The identification of this vulnerability is CVE-2024-13024. The attack may be initiated remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

A vulnerability has been found in PHPGurukul Maid Hiring Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/search-maid.php of the component Search Maid Page. The manipulation of the argument searchdata leads to cross site scripting. This vulnerability was named CVE-2024-13023. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in taisan tarzan-cms 1.0.0. This affects the function UploadResponse of the file src/main/java/com/tarzan/cms/modules/admin/controller/common/UploadController.java of the component Article Management. The manipulation of the argument file leads to unrestricted upload. This vulnerability is uniquely identified as CVE-2024-13022. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, has been found in SourceCodester Road Accident Map Marker 1.0. Affected by this issue is some unknown functionality of the file /endpoint/add-mark.php. The manipulation of the argument mark_name leads to cross site scripting. This vulnerability is handled as CVE-2024-13021. The attack may be launched remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

A vulnerability classified as critical was found in code-projects Chat System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/chatroom.php. The manipulation of the argument id leads to sql injection. This vulnerability is known as CVE-2024-13020. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic has been found in code-projects Chat System 1.0. Affected is an unknown function of the file /admin/update_room.php of the component Chat Room Page. The manipulation of the argument name leads to cross site scripting. This vulnerability is traded as CVE-2024-13019. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in PHPGurukul Maid Hiring Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/profile.php. The manipulation of the argument name leads to cross site scripting. The identification of this vulnerability is CVE-2024-13018. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in PHPGurukul Maid Hiring Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/aboutus.php of the component About Us Page. The manipulation of the argument title leads to cross site scripting. This vulnerability was named CVE-2024-13017. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in PHPGurukul Maid Hiring Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/edit-category.php. The manipulation of the argument editid leads to sql injection. This vulnerability is uniquely identified as CVE-2024-13016. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in PHPGurukul Maid Hiring Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/search-booking-request.php. The manipulation of the argument searchdata leads to cross site scripting. This vulnerability is handled as CVE-2024-13015. The attack may be launched remotely. Furthermore, there is an exploit available.