|
309971
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access a user's Photos Library.
|
CWE-281
Improper Preservation of Permissions
|
CVE-2024-40831
|
2024-09-24 04:18 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309972
|
- |
|
-
|
-
|
An issue was discovered in Samsung Semiconductor Mobile Processor and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 13…
|
-
|
CVE-2024-25073
|
2024-09-24 04:15 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309973
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. An application may be able to read restricted memory.
|
NVD-CWE-noinfo
|
CVE-2024-27860
|
2024-09-24 04:10 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309974
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data.
|
NVD-CWE-noinfo
|
CVE-2024-40837
|
2024-09-24 03:50 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309975
|
6.5 |
MEDIUM
Network
|
backstage
|
backstage
|
Backstage is an open framework for building developer portals. When using the AWS S3 or GCS storage provider for TechDocs it is possible to access content in the entire storage bucket. This can leak …
|
CWE-22
Path Traversal
|
CVE-2024-45816
|
2024-09-24 03:41 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309976
|
6.5 |
MEDIUM
Network
|
backstage
|
backstage
|
Backstage is an open framework for building developer portals. A malicious actor with authenticated access to a Backstage instance with the catalog backend plugin installed is able to interrupt the s…
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2024-45815
|
2024-09-24 03:31 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309977
|
5.4 |
MEDIUM
Network
|
backstage
|
backstage
|
Backstage is an open framework for building developer portals. An attacker with control of the contents of the TechDocs storage buckets is able to inject executable scripts in the TechDocs content th…
|
CWE-79
Cross-site Scripting
|
CVE-2024-46976
|
2024-09-24 03:27 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309978
|
6.1 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8907
|
2024-09-24 03:23 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309979
|
6.1 |
MEDIUM
Network
|
oretnom23
|
resort_reservation_system
|
A vulnerability classified as problematic was found in SourceCodester Resort Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file manage_fee.php. The manipul…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8951
|
2024-09-24 03:12 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309980
|
7.5 |
HIGH
Network
|
micropython
|
micropython
|
A vulnerability was found in MicroPython 1.23.0. It has been rated as critical. Affected by this issue is the function mpz_as_bytes of the file py/objint.c. The manipulation leads to heap-based buffe…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-8948
|
2024-09-24 03:10 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
