|
306471
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTM…
|
NVD-CWE-noinfo
|
CVE-2024-6999
|
2024-10-31 05:35 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306472
|
8.1 |
HIGH
Network
|
mozilla
|
firefox
|
A select option could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions.
*This issue only affects Android versions of Firefox.* Thi…
|
NVD-CWE-Other
|
CVE-2024-7523
|
2024-10-31 05:35 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306473
|
4.1 |
MEDIUM
Network
|
solarwinds
|
serv-u
|
Application is vulnerable to Cross Site Scripting (XSS) an authenticated attacker with users’ permissions can modify a variable with a payload.
|
CWE-79
Cross-site Scripting
|
CVE-2024-45714
|
2024-10-31 05:33 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306474
|
4.9 |
MEDIUM
Network
|
topdata
|
inner_rep_plus
|
A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been rated as problematic. Affected by this issue is some unknown functionality of the file td.js.gz. The manipulation leads…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2024-10128
|
2024-10-31 05:31 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306475
|
9.8 |
CRITICAL
Network
|
riskengine
|
radar
|
A vulnerability has been found in wfh45678 Radar up to 1.0.8 and classified as critical. This vulnerability affects unknown code of the file /services/v1/common/upload. The manipulation of the argume…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-10120
|
2024-10-31 05:20 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306476
|
7.8 |
HIGH
Local
|
lakesidesoftware
|
systrack_lsiagent
|
Lakeside Software’s SysTrack LsiAgent Installer version 10.7.8 for Windows contains a local privilege escalation vulnerability which allows attackers SYSTEM level access.
|
NVD-CWE-Other
|
CVE-2023-6080
|
2024-10-31 05:12 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306477
|
- |
|
-
|
-
|
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious application may be able to modify protected parts of the file system.
|
-
|
CVE-2024-44301
|
2024-10-31 04:35 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306478
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious application may be able to modify protected parts of the file system.
|
NVD-CWE-noinfo
|
CVE-2024-44287
|
2024-10-31 04:35 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306479
|
2.4 |
LOW
Physics
|
apple
|
macos
|
The issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An attacker with physical access can input Game Controller…
|
NVD-CWE-noinfo
|
CVE-2024-44265
|
2024-10-31 04:35 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306480
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of the file system.
|
NVD-CWE-noinfo
|
CVE-2024-44253
|
2024-10-31 04:35 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
