Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2025-01-23 | CVE-2023-46400 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Kwhotel 0.47 KWHotel 0.47 is vulnerable to CSV Formula Injection in the add guest function. | 9.8 |
2025-01-23 | CVE-2023-46401 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Kwhotel 0.47 KWHotel 0.47 is vulnerable to CSV Formula Injection in the invoice adding function. | 9.8 |
2025-01-23 | CVE-2024-50664 | Out-of-bounds Write vulnerability in Gpac 2.4 gpac 2.4 contains a heap-buffer-overflow at isomedia/sample_descs.c:1799 in gf_isom_new_mpha_description in gpac/MP4Box. | 7.8 |
2025-01-23 | CVE-2024-50665 | NULL Pointer Dereference vulnerability in Gpac 2.4 gpac 2.4 contains a SEGV at src/isomedia/drm_sample.c:1562:96 in isom_cenc_get_sai_by_saiz_saio in MP4Box. | 5.5 |
2025-01-23 | CVE-2024-55192 | Out-of-bounds Write vulnerability in Openimageio 3.1.0.0 OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component OpenImageIO_v3_1_0::farmhash::inlined::Fetch64(char const*). | 9.8 |
2025-01-23 | CVE-2024-55193 | Unspecified vulnerability in Openimageio 3.1.0.0 OpenImageIO v3.1.0.0dev was discovered to contain a segmentation violation via the component /OpenImageIO/string_view.h. | 9.8 |
2025-01-23 | CVE-2024-55194 | Out-of-bounds Write vulnerability in Openimageio 3.1.0.0 OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component /OpenImageIO/fmath.h. | 9.8 |
2025-01-23 | CVE-2024-57328 | SQL Injection vulnerability in Projectworlds Online Food Ordering System 1.0 A SQL Injection vulnerability exists in the login form of Online Food Ordering System v1.0. | 9.8 |
2025-01-23 | CVE-2024-57386 | Cross-site Scripting vulnerability in Wallosapp Wallos 2.41.0 Cross Site Scripting vulnerability in Wallos v.2.41.0 allows a remote attacker to execute arbitrary code via the profile picture function. | 6.1 |
2025-01-23 | CVE-2024-57556 | Cross-site Scripting vulnerability in Nbubna Store Cross Site Scripting vulnerability in nbubna store v.2.14.2 and before allows a remote attacker to execute arbitrary code via the store.deep.js component | 6.1 |