|
310111
|
7.8 |
HIGH
Local
|
mattermost
|
mattermost_desktop
|
Mattermost Desktop App versions <=5.8.0 fail to specify an absolute path when searching the cmd.exe file, which allows a local attacker who is able to put an cmd.exe file in the Downloads folder of …
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-39613
|
2024-09-20 22:59 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310112
|
5.3 |
MEDIUM
Physics
|
rfideas
|
micard_plus_ci_firmware
micard_plus_ble_firmware
|
The MiCard PLUS Ci and MiCard PLUS BLE reader products developed by rf IDEAS and rebranded by NT-ware have a firmware fault that may result in characters randomly being dropped from some ID card read…
|
NVD-CWE-noinfo
|
CVE-2024-1578
|
2024-09-20 22:53 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310113
|
6.1 |
MEDIUM
Network
|
jetbrains
|
intellij_idea
|
In JetBrains IntelliJ IDEA before 2024.1 hTML injection via the project name was possible
|
CWE-79
Cross-site Scripting
|
CVE-2024-46970
|
2024-09-20 22:23 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310114
|
5.0 |
MEDIUM
Network
|
nozominetworks
|
cmc
guardian
|
An access control vulnerability was discovered in the Reports section due to a specific access restriction not being properly enforced for users with limited privileges.
If a logged-in user with r…
|
CWE-863
Incorrect Authorization
|
CVE-2024-4465
|
2024-09-20 22:15 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310115
|
5.5 |
MEDIUM
Local
|
samsung
|
exynos_980_firmware
exynos_850_firmware
exynos_1080_firmware
exynos_1280_firmware
exynos_1380_firmware
exynos_1330_firmware
exynos_1480_firmware
exynos_w920_firmware
exynos_w9…
|
An issue was discovered in Samsung Mobile Processor Exynos Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_b…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-27365
|
2024-09-20 22:09 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310116
|
7.2 |
HIGH
Network
|
mailcow
|
mailcow\
|
mailcow: dockerized is an open source groupware/email suite based on docker. A vulnerability has been discovered in the two-factor authentication (2FA) mechanism. This flaw allows an authenticated at…
|
NVD-CWE-noinfo
|
CVE-2024-41958
|
2024-09-20 21:58 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310117
|
8.8 |
HIGH
Network
|
nuxt
|
nuxt
|
Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. Nuxt Devtools is missing authentication on the `getTextAssetContent` RPC function which is vul…
|
CWE-22
Path Traversal
|
CVE-2024-23657
|
2024-09-20 21:49 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310118
|
- |
|
-
|
-
|
A vulnerability in the FAISS.deserialize_from_bytes function of langchain-ai/langchain allows for pickle deserialization of untrusted data. This can lead to the execution of arbitrary commands via th…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-5998
|
2024-09-20 21:31 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310119
|
- |
|
-
|
-
|
Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 619, Acronis Back…
|
CWE-250
Execution with Unnecessary Privileges
|
CVE-2024-8767
|
2024-09-20 21:31 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310120
|
- |
|
-
|
-
|
Denial of Service (DoS) vulnerability has been found in Dual-redundant Platform for Computer.
If a computer on which the affected product is installed receives a large number of UDP broadcast packets…
|
-
|
CVE-2024-8110
|
2024-09-20 21:31 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
