|
305141
|
9.8 |
CRITICAL
Network
|
kubernetes
|
image_builder
|
A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default credentials are enabled during the image build process. Virtual machine images built using the Proxmo…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-9486
|
2024-11-9 05:56 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305142
|
5.5 |
MEDIUM
Local
|
avg
avast
|
antivirus
|
An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing.
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-9484
|
2024-11-9 05:55 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305143
|
5.5 |
MEDIUM
Local
|
avg
avast
|
antivirus
|
A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application dur…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-9483
|
2024-11-9 05:54 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305144
|
8.1 |
HIGH
Network
|
kubernetes
|
image_builder
|
A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default credentials are enabled during the image build process when using the Nutanix, OVA, QEMU or raw provi…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-9594
|
2024-11-9 05:50 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305145
|
5.5 |
MEDIUM
Local
|
avg
avast
|
antivirus
|
An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed Mach-O file to crash the application during file processing.
|
CWE-787
Out-of-bounds Write
|
CVE-2024-9482
|
2024-11-9 05:49 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305146
|
5.5 |
MEDIUM
Local
|
avg
avast
|
antivirus
|
An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed eml file to crash the application during file processing.
|
CWE-787
Out-of-bounds Write
|
CVE-2024-9481
|
2024-11-9 05:49 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305147
|
9.8 |
CRITICAL
Network
|
cozythemes
|
fotawp
|
Missing Authorization vulnerability in CozyThemes Fota WP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fota WP: from n/a through 1.4.1.
|
CWE-862
Missing Authorization
|
CVE-2024-43980
|
2024-11-9 05:45 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305148
|
9.8 |
CRITICAL
Network
|
cozythemes
|
blockbooster
|
Missing Authorization vulnerability in CozyThemes Blockbooster allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blockbooster: from n/a through 1.0.10.
|
CWE-862
Missing Authorization
|
CVE-2024-43979
|
2024-11-9 05:44 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305149
|
9.8 |
CRITICAL
Network
|
cozythemes
|
revivenews
|
Missing Authorization vulnerability in CozyThemes ReviveNews allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ReviveNews: from n/a through 1.0.2.
|
CWE-862
Missing Authorization
|
CVE-2024-43974
|
2024-11-9 05:43 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305150
|
8.8 |
HIGH
Network
|
newspack
|
newspack
|
Broken Access Control vulnerability in Automattic Newspack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack: from n/a through 3.8.6.
|
CWE-862
Missing Authorization
|
CVE-2024-43968
|
2024-11-9 05:43 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
