Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-09-13 CVE-2024-6137 Out-of-bounds Write vulnerability in Zephyrproject Zephyr
BT: Classic: SDP OOB access in get_att_search_list
low complexity
zephyrproject CWE-787
6.5
6.5
2024-09-13 CVE-2024-5754 Unspecified vulnerability in Zephyrproject Zephyr
BT: Encryption procedure host vulnerability
low complexity
zephyrproject
6.5
6.5
2024-09-13 CVE-2024-6258 Integer Underflow (Wrap or Wraparound) vulnerability in Zephyrproject Zephyr
BT: Missing length checks of net_buf in rfcomm_handle_data
low complexity
zephyrproject CWE-191
6.5
6.5
2024-09-13 CVE-2024-8783 Cross-site Scripting vulnerability in Opentibiabr Myaac
A vulnerability classified as problematic has been found in OpenTibiaBR MyAAC up to 0.8.16.
network
low complexity
opentibiabr CWE-79
5.4
5.4
2024-09-13 CVE-2024-8784 SQL Injection vulnerability in Qdocs Smart School 7.0.0
A vulnerability classified as critical was found in QDocs Smart School Management System 7.0.0.
network
low complexity
qdocs CWE-89
8.8
8.8
2024-09-13 CVE-2024-45101 A privilege escalation vulnerability was discovered when Single Sign On (SSO) is enabled that could allow an attacker to intercept a valid, authenticated LXCA user’s XCC session if they can convince the user to click on a specially crafted URL.
network
high complexity
 6.8
6.8
2024-09-13 CVE-2024-45103 Unspecified vulnerability in Lenovo Xclarity Administrator
A valid, authenticated LXCA user may be able to unmanage an LXCA managed device in through the LXCA web interface without sufficient privileges.
network
low complexity
lenovo
4.3
4.3
2024-09-13 CVE-2024-45104 Unspecified vulnerability in Lenovo Xclarity Administrator
A valid, authenticated LXCA user without sufficient privileges may be able to use the device identifier to modify an LXCA managed device through a specially crafted web API call.
network
low complexity
lenovo
6.5
6.5
2024-09-13 CVE-2024-45105 An internal product security audit discovered a UEFI SMM (System Management Mode) callout vulnerability in some ThinkSystem servers that could allow a local attacker with elevated privileges to execute arbitrary code.
local
low complexity
 6.7
6.7
2024-09-13 CVE-2024-4550 A potential buffer overflow vulnerability was reported in some Lenovo ThinkSystem and ThinkStation products that could allow a local attacker with elevated privileges to execute arbitrary code.
local
low complexity
 6.7
6.7