|
249371
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/ncsi: Disable the ncsi work before freeing the associated structure
The work function can run after the ncsi device is freed,…
|
CWE-416
Use After Free
|
CVE-2024-49945
|
2024-11-1 23:52 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249372
|
5.9 |
MEDIUM
Network
|
securesystems
|
connaisseur
|
A vulnerability has been found in Secure Systems Engineering Connaisseur up to 3.3.0 and classified as problematic. This vulnerability affects unknown code of the file connaisseur/res/targets_schema.…
|
CWE-1333
Inefficient Regular Expression Complexity
|
CVE-2023-7279
|
2024-11-1 23:43 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249373
|
9.8 |
CRITICAL
Network
|
tenda
|
ac1206_firmware
|
A vulnerability classified as critical was found in Tenda AC1206 up to 15.03.06.23. This vulnerability affects the function ate_iwpriv_set/ate_ifconfig_set of the file /goform/ate. The manipulation l…
|
CWE-78
OS Command
|
CVE-2024-9793
|
2024-11-1 23:36 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249374
|
- |
|
-
|
-
|
Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). The password could be reset by anyone who have access to the ma…
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2024-50356
|
2024-11-1 23:35 |
2024-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249375
|
7.1 |
HIGH
Network
|
paloaltonetworks
|
pan-os
|
A vulnerability in the GlobalProtect portal in Palo Alto Networks PAN-OS software enables a malicious authenticated GlobalProtect user to impersonate another GlobalProtect user. Active GlobalProtect …
|
CWE-863
Incorrect Authorization
|
CVE-2024-8691
|
2024-11-1 23:26 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249376
|
6.5 |
MEDIUM
Network
|
mattermost
|
mattermost_desktop
|
Mattermost Desktop App versions <=5.8.0 fail to sufficiently configure Electron Fuses which allows an attacker to gather Chromium cookies or abuse other misconfigurations via remote/local access.
|
NVD-CWE-Other
|
CVE-2024-45835
|
2024-11-1 23:20 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249377
|
5.3 |
MEDIUM
Network
|
mattermost
|
mattermost_desktop
|
Mattermost Desktop App versions <=5.8.0 fail to safeguard screen capture functionality which allows an attacker to silently capture high-quality screenshots via JavaScript APIs.
|
NVD-CWE-noinfo
|
CVE-2024-39772
|
2024-11-1 23:20 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249378
|
7.5 |
HIGH
Network
|
gaizhenbiao
|
chuanhuchatgpt
|
An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240628 due to insufficient validation when loading prompt template files. An attacker can read any file that matche…
|
CWE-22
Path Traversal
|
CVE-2024-7962
|
2024-11-1 23:19 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249379
|
5.4 |
MEDIUM
Network
|
ysoft
|
safeq
|
Multiple Stored Cross-Site Scripting vulnerabilities were discovered in Y Soft SAFEQ 6 Build 53. Multiple fields in the YSoft SafeQ web application can be used to inject malicious inputs that, due to…
|
CWE-79
Cross-site Scripting
|
CVE-2022-23861
|
2024-11-1 23:19 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249380
|
8.8 |
HIGH
Network
|
tenda
|
rx9_pro_firmware
|
A vulnerability, which was classified as critical, has been found in Tenda RX9 and RX9 Pro 22.03.02.20. Affected by this issue is the function sub_4337EC of the file /goform/SetNetControlList. The ma…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-10283
|
2024-11-1 23:08 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
