Common Vulnerabilities and Exposures (CVE)

CVE-2024-52725

Jul 5, 2026 00:51:14 UTC

SemCms v4.8 was discovered to contain a SQL injection vulnerability. This allows an attacker to execute arbitrary code via the ldgid parameter in the SEMCMS_SeoAndTag.php component.

CVE-2024-52723

Jul 5, 2026 00:51:09 UTC

In TOTOLINK X6000R V9.4.0cu.1041_B20240224 in the shttpd file, the Uci_Set Str function is used without strict parameter filtering. An attacker can achieve arbitrary command execution by constructing the payload.

CVE-2024-52714

Jul 5, 2026 00:51:02 UTC

Tenda AC6 v2.0 v15.03.06.50 was discovered to contain a buffer overflow in the function 'fromSetSysTime.

CVE-2024-51367

Jul 5, 2026 00:50:58 UTC

An arbitrary file upload vulnerability in the component \Users\username.BlackBoard of BlackBoard v2.0.0.2 allows attackers to execute arbitrary code via uploading a crafted .xml file.

CVE-2024-51366

Jul 5, 2026 00:50:54 UTC

An arbitrary file upload vulnerability in the component \Roaming\Omega of OmegaT v6.0.1 allows attackers to execute arbitrary code via uploading a crafted .conf file.

CVE-2024-51364

Jul 5, 2026 00:50:50 UTC

An arbitrary file upload vulnerability in ModbusMechanic v3.0 allows attackers to execute arbitrary code via uploading a crafted .xml file.

CVE-2024-50942

Jul 5, 2026 00:50:46 UTC

qiwen-file v1.4.0 was discovered to contain a SQL injection vulnerability via the component /mapper/NoticeMapper.xml.

CVE-2024-37816

Jul 5, 2026 00:50:38 UTC

Quectel EC25-EUX EC25EUXGAR08A05M1G was discovered to contain a stack overflow.

CVE-2024-51127

Jul 5, 2026 00:50:34 UTC

An issue in the createTempFile method of hornetq v2.4.9 allows attackers to arbitrarily overwrite files or access sensitive information.

CVE-2024-51037

Jul 5, 2026 00:50:30 UTC

An issue in kodbox v.1.52.04 and before allows a remote attacker to obtain sensitive information via the captcha feature in the password reset function.

CVE-2024-50808

Jul 5, 2026 00:50:26 UTC

SeaCms 13.1 is vulnerable to code injection in the notification module of the member message notification module in the backend user module, due to unsafe handling of the "notify" variable in admin_notify.php.

CVE-2024-48290

Jul 5, 2026 00:50:22 UTC

An issue in the Bluetooth Low Energy implementation of Realtek RTL8762E BLE SDK v1.4.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted ll_terminate_ind packet.

CVE-2024-46383

Jul 5, 2026 00:50:18 UTC

Hathway Skyworth Router CM5100-511 v4.1.1.24 was discovered to store sensitive information about USB and Wifi connected devices in plaintext.

CVE-2024-44765

Jul 5, 2026 00:50:13 UTC

An Improper Authorization (Access Control Misconfiguration) vulnerability in MGT-COMMERCE GmbH CloudPanel v2.0.0 to v2.4.2 allows low-privilege users to bypass access controls and gain unauthorized access to sensitive configuration files an...

CVE-2024-40240

Jul 5, 2026 00:50:09 UTC

An incorrect access control issue in HomeServe Home Repair' android app - 3.3.4 allows a physically proximate attacker to escalate privileges via the fingerprint authentication function.