|
312021
|
9.8 |
CRITICAL
Network
|
blakeembrey
|
template
|
@blakeembrey/template is a string template library. Prior to version 1.2.0, it is possible to inject and run code within the template if the attacker has access to write the template name. Version 1.…
|
CWE-94
Code Injection
|
CVE-2024-45390
|
2024-09-13 05:15 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312022
|
7.5 |
HIGH
Network
|
tina
|
tina
|
Tina is an open-source content management system (CMS). Sites building with Tina CMS's command line interface (CLI) prior to version 1.6.2 that use a search token may be vulnerable to the search toke…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-45391
|
2024-09-13 05:13 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312023
|
4.2 |
MEDIUM
Physics
|
yubico
|
yubikey_5c_nfc_firmware
yubikey_5_nfc_firmware
yubikey_5c_firmware
yubikey_5_nano_firmware
yubikey_5c_nano_firmware
yubikey_5ci_firmware
yubikey_5_nfc_fips_firmware
yubikey_5c_nf…
|
Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack (that requires physical access and expensive eq…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-45678
|
2024-09-13 05:07 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312024
|
4.7 |
MEDIUM
Network
|
mozilla
|
firefox_focus
|
Websites could utilize Javascript links to spoof URL addresses in the Focus navigation bar This vulnerability affects Focus for iOS < 130.
|
NVD-CWE-noinfo
|
CVE-2024-8399
|
2024-09-13 04:45 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312025
|
7.5 |
HIGH
Network
|
huawei
|
emui
harmonyos
|
Access control vulnerability in the SystemUI module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
|
NVD-CWE-noinfo
|
CVE-2024-42039
|
2024-09-13 04:37 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312026
|
7.5 |
HIGH
Network
|
huawei
|
emui
harmonyos
|
Input verification vulnerability in the system service module
Impact: Successful exploitation of this vulnerability will affect availability.
|
NVD-CWE-noinfo
|
CVE-2024-45441
|
2024-09-13 04:35 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312027
|
7.5 |
HIGH
Network
|
huawei
|
emui
harmonyos
|
Permission control vulnerability in the software update module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
|
NVD-CWE-noinfo
|
CVE-2024-45450
|
2024-09-13 04:30 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312028
|
7.8 |
HIGH
Local
|
intel
|
tdx_module_software
|
Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_1.5.01.00.592 may allow an authenticated user to potentially enable escalation of privilege via local acces…
|
NVD-CWE-Other
|
CVE-2024-39283
|
2024-09-13 04:15 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312029
|
8.2 |
HIGH
Local
|
intel
|
nuc_x15_laptop_kit_lapbc510_firmware
nuc_x15_laptop_kit_lapbc710_firmware
nuc_x15_laptop_kit_lapac71g_firmware
nuc_x15_laptop_kit_lapac71h_firmware
nuc_x15_laptop_kit_lapkc51e_firmware
Improper input validation in firmware for some Intel(R) NUC may allow a privileged user to potentially enableescalation of privilege via local access.
|
NVD-CWE-noinfo
|
CVE-2024-34163
|
2024-09-13 03:59 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
312030
|
7.8 |
HIGH
Local
|
intel
|
vtune_profiler
oneapi_base_toolkit
|
Uncontrolled search path in some Intel(R) VTune(TM) Profiler software before versions 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-29015
|
2024-09-13 03:53 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
