|
251821
|
5.5 |
MEDIUM
Local
|
adobe
|
acrobat
|
Acrobat for Edge versions 126.0.2592.81 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerabilit…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-39379
|
2024-10-16 22:38 |
2024-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251822
|
6.8 |
MEDIUM
Network
|
adobe
|
commerce
magento
|
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could l…
|
CWE-22
Path Traversal
|
CVE-2024-39406
|
2024-10-16 22:37 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251823
|
4.3 |
MEDIUM
Network
|
adobe
|
commerce
magento
|
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features a…
|
CWE-352
Origin Validation Error
|
CVE-2024-39408
|
2024-10-16 22:36 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251824
|
4.3 |
MEDIUM
Network
|
adobe
|
commerce
magento
|
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features a…
|
CWE-352
Origin Validation Error
|
CVE-2024-39409
|
2024-10-16 22:35 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251825
|
4.3 |
MEDIUM
Network
|
adobe
|
commerce
magento
|
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features a…
|
CWE-352
Origin Validation Error
|
CVE-2024-39410
|
2024-10-16 22:34 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251826
|
5.4 |
MEDIUM
Network
|
flatpress
|
flatpress
|
FlatPress v1.3 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript code into the "Add New Entry" section, which allows them to execute arbitrary code in the conte…
|
CWE-79
Cross-site Scripting
|
CVE-2024-33209
|
2024-10-16 22:33 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251827
|
4.3 |
MEDIUM
Network
|
adobe
|
commerce
magento
|
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged att…
|
NVD-CWE-noinfo
|
CVE-2024-39412
|
2024-10-16 22:33 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251828
|
5.5 |
MEDIUM
Local
|
adobe
|
after_effects
|
After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-41867
|
2024-10-16 22:31 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251829
|
7.2 |
HIGH
Network
|
ivanti
|
endpoint_manager_cloud_services_appliance
|
Path traversal in Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to bypass restrictions.
|
CWE-22
Path Traversal
|
CVE-2024-9381
|
2024-10-16 22:30 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251830
|
7.5 |
HIGH
Network
|
ivanti
|
avalanche
|
Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information
|
CWE-22
Path Traversal
|
CVE-2024-47011
|
2024-10-16 22:28 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
