Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-08 | CVE-2024-34669 | Out-of-bounds Write vulnerability in Samsung Android 12.0/13.0/14.0 Out-of-bounds write in parsing h.263+ format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. | 8.8 |
| 2024-10-08 | CVE-2024-37179 | Unrestricted Upload of File with Dangerous Type vulnerability in SAP Businessobjects Business Intelligence 2025/420/430 SAP BusinessObjects Business Intelligence Platform allows an authenticated user to send a specially crafted request to the Web Intelligence Reporting Server to download any file from the machine hosting the service, causing high impact on confidentiality of the application. | 6.5 |
| 2024-10-08 | CVE-2024-39806 | Out-of-bounds Read vulnerability in Openatom Openharmony in OpenHarmony v4.1.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read. | 5.5 |
| 2024-10-08 | CVE-2024-39831 | Use After Free vulnerability in Openatom Openharmony in OpenHarmony v4.1.0 allow a local attacker with high privileges arbitrary code execution in pre-installed apps through use after free. | 6.7 |
| 2024-10-08 | CVE-2024-43696 | Memory Leak vulnerability in Openatom Openharmony in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS by memory leak. | 5.5 |
| 2024-10-08 | CVE-2024-43697 | Unspecified vulnerability in Openatom Openharmony in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through improper input. | 5.5 |
| 2024-10-08 | CVE-2024-45277 | Unspecified vulnerability in SAP Hana-Client The SAP HANA Node.js client package versions from 2.0.0 before 2.21.31 is impacted by Prototype Pollution vulnerability allowing an attacker to add arbitrary properties to global object prototypes. | 4.3 |
| 2024-10-08 | CVE-2024-45278 | Cross-site Scripting vulnerability in SAP Commerce Backoffice 2205/2211 SAP Commerce Backoffice does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. | 5.4 |
| 2024-10-08 | CVE-2024-45282 | Trusting HTTP Permission Methods on the Server Side vulnerability in SAP S/4 Hana Fields which are in 'read only' state in Bank Statement Draft in Manage Bank Statements application, could be modified by MERGE method. | 5.3 |
| 2024-10-08 | CVE-2024-45382 | Out-of-bounds Write vulnerability in Openatom Openharmony in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through out-of-bounds write. | 5.5 |