CVE-2024-48125 |
Description: An issue in the AsDB service of HI-SCAN 6040i Hitrax HX-03-19-I allows attackers to enumerate user credentials via crafted GIOP protocol requests.
EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
CVE-2024-48123 |
Description: An issue in the USB Autorun function of HI-SCAN 6040i Hitrax HX-03-19-I allows attackers to execute arbitrary code via uploading a crafted script from a USB device.
EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
CVE-2024-48122 |
Description: Insecure default configurations in HI-SCAN 6040i Hitrax HX-03-19-I allow authenticated attackers with low-level privileges to escalate to root-level privileges.
EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
CVE-2024-48121 |
Description: The HI-SCAN 6040i Hitrax HX-03-19-I was discovered to transmit user credentials in cleartext over the GIOP protocol. This allows attackers to possibly gain access to sensitive information via a man-in-the-middle attack.
EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
CVE-2024-47665 |
Description: In the Linux kernel, the following vulnerability has been resolved:
i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup
Definitely condition dma_get_cache_alignment * defined value > 256
during driver initialization is not reason to BUG_ON(). Turn that to
graceful error out with -EINVAL.
EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
CVE-2024-44136 |
Description: This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and iPadOS 17.5. An attacker with physical access to a device may be able to disable Stolen Device Protection.
EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
CVE-2024-42159 |
Description: In the Linux kernel, the following vulnerability has been resolved:
scsi: mpi3mr: Sanitise num_phys
Information is stored in mr_sas_port->phy_mask, values larger then size of
this field shouldn't be allowed.
EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
CVE-2024-41454 |
Description: An arbitrary file upload vulnerability in the UI login page logo upload function of Process Maker pm4core-docker 4.1.21-RC7 allows attackers to execute arbitrary code via uploading a crafted PHP or HTML file.
EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
CVE-2024-41453 |
Description: A cross-site scripting (XSS) vulnerability in Process Maker pm4core-docker 4.1.21-RC7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter.
EPSS Score: 0.04%
January 16th, 2025 (6 months ago)
|
CVE-2024-40854 |
Description: A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. An app may be able to cause unexpected system termination.
EPSS Score: 0.05%
January 16th, 2025 (6 months ago)
|