|
310271
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
An issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data.
|
NVD-CWE-noinfo
|
CVE-2024-40842
|
2024-09-24 23:56 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310272
|
7.5 |
HIGH
Network
|
apple
|
macos
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A non-privileged user may be able to modify restricted network settings.
|
CWE-281
Improper Preservation of Permissions
|
CVE-2024-40770
|
2024-09-24 23:55 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310273
|
8.1 |
HIGH
Network
|
micropython
|
micropython
|
A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file py/objarray.c. The manipulation leads to use …
|
CWE-416
Use After Free
|
CVE-2024-8947
|
2024-09-24 22:17 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310274
|
7.5 |
HIGH
Network
|
micropython
|
micropython
|
A vulnerability was found in MicroPython 1.23.0. It has been classified as critical. Affected is the function mp_vfs_umount of the file extmod/vfs.c of the component VFS Unmount Handler. The manipula…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-8946
|
2024-09-24 22:11 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310275
|
7.8 |
HIGH
Local
|
microsoft
|
visio
office
365_apps
office_long_term_servicing_channel
|
Microsoft Office Visio Remote Code Execution Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-38016
|
2024-09-24 20:11 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310276
|
4.3 |
MEDIUM
Physics
|
redhat
opensc_project
|
enterprise_linux
opensc
|
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially craft…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-45619
|
2024-09-24 08:26 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310277
|
7.2 |
HIGH
Network
|
acquia
|
mautic
|
Prior to the patched version, logged in users of Mautic are vulnerable to an SQL injection vulnerability in the Reports bundle.
The user could retrieve and alter data like sensitive data, login, and…
|
CWE-89
SQL Injection
|
CVE-2022-25775
|
2024-09-24 08:22 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310278
|
5.4 |
MEDIUM
Network
|
acquia
|
mautic
|
Prior to the patched version, logged in users of Mautic are vulnerable to a self XSS vulnerability in the notifications within Mautic.
Users could inject malicious code into the notification when sa…
|
CWE-79
Cross-site Scripting
|
CVE-2022-25774
|
2024-09-24 08:21 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310279
|
4.8 |
MEDIUM
Network
|
concretecms
|
concrete_cms
|
Concrete CMS versions 9.0.0 through 9.3.3 are affected by a
stored XSS vulnerability in the "Top Navigator Bar" block.
Since the "Top Navigator Bar" output was not sufficiently sanitized, a rogue adm…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8660
|
2024-09-24 08:00 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310280
|
5.5 |
MEDIUM
Local
|
apple
|
visionos
|
The issue was addressed with improved handling of caches. This issue is fixed in visionOS 2. An app may be able to read sensitive data from the GPU memory.
|
NVD-CWE-noinfo
|
CVE-2024-40790
|
2024-09-24 07:55 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
