|
304621
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of the file system.
|
NVD-CWE-noinfo
|
CVE-2024-44196
|
2024-11-14 11:15 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304622
|
7.8 |
HIGH
Local
|
artifex
debian
suse
|
ghostscript
debian_linux
linux_enterprise_high_performance_computing
linux_enterprise_server
linux_enterprise_server_for_sap
|
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2024-46951
|
2024-11-14 11:13 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304623
|
7.8 |
HIGH
Local
|
artifex
debian
suse
|
ghostscript
debian_linux
linux_enterprise_high_performance_computing
linux_enterprise_server
linux_enterprise_server_for_sap
|
An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-46953
|
2024-11-14 11:01 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304624
|
7.8 |
HIGH
Local
|
artifex
debian
|
ghostscript
debian_linux
|
An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values).
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46952
|
2024-11-14 11:01 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304625
|
- |
|
-
|
-
|
In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. Th…
|
-
|
CVE-2024-43093
|
2024-11-14 11:00 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304626
|
7.8 |
HIGH
Local
|
artifex
|
ghostscript
|
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal.
|
CWE-22
Path Traversal
|
CVE-2024-46954
|
2024-11-14 10:58 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304627
|
5.5 |
MEDIUM
Local
|
artifex
debian
suse
|
ghostscript
debian_linux
linux_enterprise_high_performance_computing
linux_enterprise_server
linux_enterprise_server_for_sap
|
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.
|
CWE-125
Out-of-bounds Read
|
CVE-2024-46955
|
2024-11-14 10:53 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304628
|
6.1 |
MEDIUM
Network
|
microsoft
|
nugetgallery
|
NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability in its handling of HTML element attributes, which allows an attacker to execute arbitrary HT…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47604
|
2024-11-14 08:17 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304629
|
7.5 |
HIGH
Network
|
siemens
|
simatic_cp_1543-1_firmware
|
A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0) (All versions >= V4.0.44 < V4.0.50). Affected devices do not properly handle authorization. This could allow an unau…
|
CWE-863
Incorrect Authorization
|
CVE-2024-50310
|
2024-11-14 08:15 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304630
|
7.3 |
HIGH
Local
|
siemens
|
solid_edge_se2024
|
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications suffer from a DLL hijacking vulnerability. This could allow an attacker to execute…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-47942
|
2024-11-14 08:15 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
