|
308141
|
4.3 |
MEDIUM
Network
|
adobe
|
commerce
magento
|
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged att…
|
NVD-CWE-noinfo
|
CVE-2024-39412
|
2024-10-16 22:33 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308142
|
5.5 |
MEDIUM
Local
|
adobe
|
after_effects
|
After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-41867
|
2024-10-16 22:31 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308143
|
7.2 |
HIGH
Network
|
ivanti
|
endpoint_manager_cloud_services_appliance
|
Path traversal in Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to bypass restrictions.
|
CWE-22
Path Traversal
|
CVE-2024-9381
|
2024-10-16 22:30 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308144
|
7.5 |
HIGH
Network
|
ivanti
|
avalanche
|
Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information
|
CWE-22
Path Traversal
|
CVE-2024-47011
|
2024-10-16 22:28 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308145
|
9.8 |
CRITICAL
Network
|
ivanti
|
avalanche
|
Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication.
|
CWE-22
Path Traversal
|
CVE-2024-47010
|
2024-10-16 22:28 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308146
|
8.8 |
HIGH
Network
|
adobe
|
commerce
magento
commerce_b2b
|
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authentication vulnerability that could result in a security feature bypass. A low-privileged a…
|
NVD-CWE-noinfo
|
CVE-2024-45148
|
2024-10-16 22:27 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308147
|
9.8 |
CRITICAL
Network
|
ivanti
|
avalanche
|
Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication.
|
CWE-22
Path Traversal
|
CVE-2024-47009
|
2024-10-16 22:26 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308148
|
7.5 |
HIGH
Network
|
ivanti
|
avalanche
|
Server-side request forgery in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2024-47008
|
2024-10-16 22:24 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308149
|
7.5 |
HIGH
Network
|
ivanti
|
avalanche
|
A NULL pointer dereference in WLAvalancheService.exe of Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to cause a denial of service.
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-47007
|
2024-10-16 22:23 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308150
|
6.7 |
MEDIUM
Local
|
microsoft
|
windows_server_2012
windows_10_1507
windows_server_2016
windows_server_2022_23h2
windows_10_1809
windows_server_2022
windows_11_21h2
windows_10_21h2
windows_10_22h2
windows…
|
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-37983
|
2024-10-16 22:15 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
