|
312141
|
7.8 |
HIGH
Local
|
intel
|
simics_package_manager
|
Uncontrolled search path for some Intel(R) Simics Package Manager software before version 1.8.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-26027
|
2024-09-7 03:52 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312142
|
5.5 |
MEDIUM
Local
|
intel
|
memory_and_storage_tool_gui
|
Incorrect default permissions in software installer for Intel(R) MAS (GUI) may allow an authenticated user to potentially enable denial of service via local access.
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-27461
|
2024-09-7 03:45 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312143
|
7.8 |
HIGH
Local
|
intel
|
graphics_performance_analyzers
|
Uncontrolled search path in some Intel(R) GPA software before version 2024.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-28046
|
2024-09-7 03:40 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312144
|
5.5 |
MEDIUM
Local
|
intel
|
arc_a_graphics
iris_xe_graphics
|
Improper access control in some Intel(R) Arc(TM) & Iris(R) Xe Graphics software before version 31.0.101.4824 may allow an authenticated user to potentially enable denial of service via local access.
|
NVD-CWE-noinfo
|
CVE-2024-28050
|
2024-09-7 03:38 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312145
|
7.3 |
HIGH
Local
|
intel
|
oneapi_hpc_toolkit
trace_analyzer_and_collector
|
Uncontrolled search path for some Intel(R) Trace Analyzer and Collector software before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-28172
|
2024-09-7 03:36 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312146
|
7.3 |
HIGH
Local
|
intel
|
mpi_library
oneapi_hpc_toolkit
|
Uncontrolled search path for some Intel(R) MPI Library software before version 2021.12 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-28876
|
2024-09-7 03:35 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312147
|
9.8 |
CRITICAL
Network
|
lopalopa
|
music_management_system
|
Kashipara Music Management System v1.0 is vulnerable to SQL Injection via /music/manage_playlist_items.php. An attacker can execute arbitrary SQL commands via the "pid" parameter.
|
CWE-89
SQL Injection
|
CVE-2024-42783
|
2024-09-7 03:31 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312148
|
7.2 |
HIGH
Network
|
ethyca
|
fides
|
Fides is an open-source privacy engineering platform. Starting in version 2.19.0 and prior to version 2.44.0, the Email Templating feature uses Jinja2 without proper input sanitization or rendering e…
|
CWE-94
Code Injection
|
CVE-2024-45053
|
2024-09-7 03:20 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312149
|
5.3 |
MEDIUM
Network
|
ethyca
|
fides
|
Fides is an open-source privacy engineering platform. Prior to version 2.44.0, a timing-based username enumeration vulnerability exists in Fides Webserver authentication. This vulnerability allows an…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-45052
|
2024-09-7 03:18 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312150
|
7.5 |
HIGH
Network
|
zyxel
|
nebula_lte3301-plus_firmware
nebula_fwa505_firmware
nebula_fwa710_firmware
nebula_fwa510_firmware
wx5600-t0_firmware
wx3401-b0_firmware
wx3100-t0_firmware
scr50axe_firmware
px…
|
A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an unauthenticated attacker to cause denial of service (DoS) condition…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-5412
|
2024-09-7 03:07 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
