Vuldb Updates

A vulnerability classified as problematic was found in IBM Watson Studio Local 1.2.3. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2024-49340. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Discount Rules for WooCommerce Plugin up to 2.6.5 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-8541. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Atlassian JIRA Software and JIRA Core 7.0.3. This issue affects some unknown processing of the component Inline Wiki Markup Handler. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2015-8481. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in Impero Education Pro. It has been classified as critical. Affected is an unknown function. The manipulation with the input 1|AUTHENTICATE\x02PASSWORD leads to improper authentication. This vulnerability is traded as CVE-2015-5998. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Trimble TM4Web 22.2.0. It has been classified as critical. Affected is an unknown function of the file /inc/tm_ajax.msw?func=UserfromUUID&uuid= of the component Registration. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2023-27195. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability classified as problematic was found in myCred Elementor Plugin up to 1.2.6 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-49702. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in ZTE ZXR10 1800-2S 3.00.40. It has been classified as problematic. This affects an unknown part. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2024-22066. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Linux Kernel up to 6.11.5. It has been declared as problematic. Affected by this vulnerability is the function reset_control_status. The manipulation leads to reachable assertion. This vulnerability is known as CVE-2024-50137. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Simple Shortcode for Google Maps Plugin up to 1.5.4 on WordPress. Affected by this vulnerability is an unknown functionality of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-10621. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Linux Kernel up to 6.10.13/6.11.2. It has been rated as problematic. Affected by this issue is the function tick_ctx_cleanup of the file drm/ of the component panthor. The manipulation leads to uninitialized pointer. This vulnerability is handled as CVE-2024-50173. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.10.13/6.11.2. This affects the function xa_erase of the component panthor. The manipulation leads to improper update of reference count. This vulnerability is uniquely identified as CVE-2024-50174. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Google Android. It has been classified as critical. Affected is an unknown function of the component Qualcomm Wi-Fi Driver. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2015-0569. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Veeam Enterprise Manager up to 12.2. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to channel accessible by non-endpoint. This vulnerability was named CVE-2024-40715. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Oracle Communications MetaSolv Solution 6.3.0/6.3.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Online Help. The manipulation leads to deserialization. This vulnerability is known as CVE-2019-10086. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Communications Diameter Signaling Router up to 8.2.2. It has been rated as critical. This issue affects some unknown processing of the component IDIH. The manipulation leads to deserialization. The identification of this vulnerability is CVE-2019-10086. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Oracle SD-WAN Edge 9. Affected is an unknown function of the component Apache Commons BeanUtils. The manipulation leads to deserialization. This vulnerability is traded as CVE-2019-10086. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Primavera Unifier up to 20.12. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to deserialization. This vulnerability is handled as CVE-2019-10086. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Financial Services Analytical Applications Infrastructure 8.0.6/8.0.7/8.0.8/8.0.9/8.1.0. It has been classified as critical. Affected is an unknown function of the component Infrastructure. The manipulation leads to deserialization. This vulnerability is traded as CVE-2019-10086. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Retail Xstore Point of Service 7.1/15.0/16.0/17.0/18.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Xenvironment. The manipulation leads to deserialization. This vulnerability is handled as CVE-2019-10086. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Database up to 19.2.2 and classified as problematic. Affected by this issue is some unknown functionality of the component Spatial Studio. The manipulation leads to deserialization. This vulnerability is handled as CVE-2019-10086. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.