|
310801
|
8.8 |
HIGH
Network
|
microsoft
|
power_bi_report_server
|
Power BI Report Server Spoofing Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-43481
|
2024-10-17 06:34 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310802
|
4.8 |
MEDIUM
Network
|
esri
|
portal_for_arcgis
|
There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.8.1 – 11.1 that may allow a remote, authenticated attacker to create a crafted link that is…
|
CWE-79
Cross-site Scripting
|
CVE-2024-25702
|
2024-10-17 06:03 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310803
|
4.8 |
MEDIUM
Network
|
esri
|
portal_for_arcgis
|
There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Experience Builder versions 10.8.1 – 11.1 that may allow a remote, authenticated attacker to create a crafted…
|
CWE-79
Cross-site Scripting
|
CVE-2024-25701
|
2024-10-17 06:00 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310804
|
4.8 |
MEDIUM
Network
|
esri
|
portal_for_arcgis
|
There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise versions 10.8.1 – 10.9.1 that may allow a remote, authenticated attacker to create a crafted link that is sto…
|
CWE-79
Cross-site Scripting
|
CVE-2024-25694
|
2024-10-17 06:00 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310805
|
- |
|
-
|
-
|
An issue in Creative Labs Pte Ltd com.creative.apps.xficonnect 2.00.02 allows a remote attacker to obtain sensitive information via the firmware update process.
|
-
|
CVE-2024-48795
|
2024-10-17 05:35 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310806
|
- |
|
-
|
-
|
An issue was discovered in version of Warp Terminal prior to 2024.07.18 (v0.2024.07.16.08.02). A command injection vulnerability exists in the Docker integration functionality. An attacker can create…
|
-
|
CVE-2024-41997
|
2024-10-17 05:35 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310807
|
- |
|
-
|
-
|
Zendesk before 2024-07-02 allows remote attackers to read ticket history via e-mail spoofing, because Cc fields are extracted from incoming e-mail messages and used to grant additional authorization …
|
-
|
CVE-2024-49193
|
2024-10-17 05:35 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310808
|
7.8 |
HIGH
Local
|
qualcomm
|
snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmware
snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmware
wsa8845h_firmware
wsa8845_firmware
wsa8840_firmware
wsa8835_firmwa…
|
Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2024-23369
|
2024-10-17 05:30 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310809
|
7.8 |
HIGH
Local
|
qualcomm
|
qualcomm_video_collaboration_vc1_platform_firmware
wsa8815_firmware
wsa8810_firmware
wcn3980_firmware
wcn3950_firmware
wcd9375_firmware
wcd9370_firmware
snapdragon_auto_5g_modem-…
|
Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2024-21455
|
2024-10-17 05:30 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310810
|
6.7 |
MEDIUM
Local
|
qualcomm
|
wsa8835_firmware
wsa8830_firmware
wcn3988_firmware
wcn3980_firmware
sw5100p_firmware
sw5100_firmware
snapdragon_auto_5g_modem-rf_gen_2_firmware
qca9377_firmware
qca9367_firmwa…
|
Memory corruption when a process invokes IOCTL calls from user-space to create a HAB virtual channel and another process invokes IOCTL calls to destroy the same.
|
CWE-416
Use After Free
|
CVE-2024-23370
|
2024-10-17 05:27 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
