Search Results (366301 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-48734 1 Sas 1 Studio 2026-04-15 8.8 High
Unrestricted file upload in /SASStudio/SASStudio/sasexec/{sessionID}/{InternalPath} in SAS Studio 9.4 allows remote attacker to upload malicious files. NOTE: this is disputed by the vendor because file upload is allowed for authorized users.
CVE-2024-48746 1 Lensvisual 1 Lensvisual 2026-04-15 9.8 Critical
An issue in Lens Visual integration with Power BI v.4.0.0.3 allows a remote attacker to execute arbitrary code via the Natural language processing component
CVE-2024-48747 1 Alist Project 1 Alist 2026-04-15 6.8 Medium
An issue in alist-tvbox v1.7.1 allows a remote attacker to execute arbitrary code via the /atv-cli file.
CVE-2024-48768 1 Almando 1 Almando Control Firmware 2026-04-15 7.5 High
An issue in almaodo GmbH appinventor.ai_google.almando_control 2.3.1 allows a remote attacker to obtain sensitive information via the firmware update process
CVE-2024-48769 1 Burg-wchter Kg 1 Burg-wchter Kg Firmware 2026-04-15 9.1 Critical
An issue in BURG-WCHTER KG de.burgwachter.keyapp.app 4.5.0 allows a remote attacker to obtain sensitve information via the firmware update process.
CVE-2024-48772 1 C-chip 1 C-chip Firmware 2026-04-15 9.1 Critical
An issue in C-CHIP (com.cchip.cchipamaota) v.1.2.8 allows a remote attacker to obtain sensitive information via the firmware update process.
CVE-2024-48773 1 Wo-smart 1 Morepro Firmware 2026-04-15 7.5 High
An issue in WoFit v.7.2.3 allows a remote attacker to obtain sensitive information via the firmware update process
CVE-2024-48774 2026-04-15 7.5 High
An issue in Fermax Asia Pacific Pte Ltd com.fermax.vida 2.4.6 allows a remote attacker to obtain sensitve information via the firmware update process.
CVE-2024-48771 1 Almando 1 Almando Play Firmware 2026-04-15 7.5 High
An issue in almando GmbH Almando Play APP (com.almando.play) 1.8.2 allows a remote attacker to obtain sensitive information via the firmware update process
CVE-2024-48779 1 Wanxingtechnology 1 Yitu Project Management Software 2026-04-15 9.8 Critical
An issue in Wanxing Technology's Yitu project Management Software 3.2.2 allows a remote attacker to execute arbitrary code via the platformpluginpath parameter to specify that the qt plugin loads the directory.
CVE-2024-48781 1 Wanxingtechnology 1 Yitu Project Management Kirin Edition 2026-04-15 9.8 Critical
An issue in Wanxing Technology Yitu Project Management Kirin Edition 2.3.6 allows a remote attacker to execute arbitrary code via a specially constructed so file/opt/EdrawProj-2/plugins/imageformat.
CVE-2024-48782 1 Dycms 1 Dycms 2026-04-15 9.8 Critical
File Upload vulnerability in DYCMS Open-Source Version v2.0.9.41 allows a remote attacker to execute arbitrary code via the application only detecting the extension of image files in the front-end.
CVE-2024-48786 1 Switchbot 1 Switchbot Firmware 2026-04-15 9.1 Critical
An issue in SWITCHBOT INC SwitchBot (com.theswitchbot.switchbot) 5.0.4 allows a remote attacker to obtain sensitive information via the firmware update process.
CVE-2024-48784 1 Sampmax 1 Sampmax Firmware 2026-04-15 9.8 Critical
An Incorrect Access Control issue in SAMPMAX com.sampmax.homemax 2.1.2.7 allows a remote attacker to obtain sensitive information via the firmware update process.
CVE-2024-48789 1 Inatronic 1 Drivedeck 2026-04-15 7.5 High
An issue in INATRONIC com.inatronic.drivedeck.home 2.6.23 allows a remote attacker to obtain sensitve information via the firmware update process.
CVE-2024-48790 1 Ilife 1 Com Ilife Home Global 2026-04-15 5.3 Medium
An issue in ILIFE com.ilife.home.global 1.8.7 allows a remote attacker to obtain sensitive information via the firmware update process.
CVE-2024-48791 1 Plug N Play Camera 1 Plug N Play Camera 2026-04-15 7.5 High
An issue in Plug n Play Camera com.starvedia.mCamView.zwave 5.5.1 allows a remote attacker to obtain sensitive information via the firmware update process
CVE-2024-48792 1 Hideez 1 Com.hideez Firmware 2026-04-15 7.5 High
An issue in Hideez com.hideez 2.7.8.3 allows a remote attacker to obtain sensitive information via the firmware update process.
CVE-2024-48788 1 Yescam 1 Yescam Firmware 2026-04-15 7.5 High
An issue in YESCAM (com.yescom.YesCam.zwave) 1.0.2 allows a remote attacker to obtain sensitive information via the firmware update process.
CVE-2024-48795 1 Creative Labs Pte Ltd 1 Com Creative Apps Xficonnect 2026-04-15 5.3 Medium
An issue in Creative Labs Pte Ltd com.creative.apps.xficonnect 2.00.02 allows a remote attacker to obtain sensitive information via the firmware update process.