|
308581
|
7.4 |
HIGH
Network
|
-
|
-
|
Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a unauthenticated attacker to view sensitive information through network attack vector
|
CWE-200
Information Exposure
|
CVE-2024-43610
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308582
|
- |
|
-
|
-
|
ImportDump is an extension for mediawiki designed to automate user import requests. Anyone who can edit the interface strings of a wiki (typically administrators and interface admins) can embed XSS p…
|
CWE-79
CWE-80
Cross-site Scripting
Basic XSS
|
CVE-2024-47812
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308583
|
- |
|
-
|
-
|
Wasmtime is an open source runtime for WebAssembly. Under certain concurrent event orderings, a `wasmtime::Engine`'s internal type registry was susceptible to double-unregistration bugs due to a race…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2024-47813
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308584
|
- |
|
-
|
-
|
Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash in certain WebAssembly modules. The ru…
|
CWE-670
Always-Incorrect Control Flow Implementation
|
CVE-2024-47763
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308585
|
- |
|
-
|
-
|
Lack of access control in ChallengeSolves (/api/v1/challenges/<challenge id>/solves) of CTFd v2.0.0 - v3.7.2 allows authenticated users to retrieve a list of users who have solved the challenge, rega…
|
-
|
CVE-2024-42988
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308586
|
- |
|
-
|
-
|
DrayTek Vigor3900 v1.5.1.6 was discovered to contain a command injection vulnerability via the sub_2C920 function at /cgi-bin/mainfunction.cgi. This vulnerability allows attackers to execute arbitrar…
|
-
|
CVE-2024-46316
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308587
|
5.5 |
MEDIUM
Local
|
-
|
-
|
Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to byp…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-47420
|
2024-10-10 21:51 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308588
|
- |
|
-
|
-
|
Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to byp…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-47419
|
2024-10-10 21:51 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308589
|
7.8 |
HIGH
Local
|
-
|
-
|
Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue…
|
CWE-416
Use After Free
|
CVE-2024-47418
|
2024-10-10 21:51 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308590
|
7.8 |
HIGH
Local
|
-
|
-
|
Animate versions 23.0.7, 24.0.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o…
|
-
|
CVE-2024-47417
|
2024-10-10 21:51 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
