|
310201
|
7.5 |
HIGH
Network
|
sigstore
|
sigstore-go
|
sigstore-go, a Go library for Sigstore signing and verification, is susceptible to a denial of service attack in versions prior to 0.6.1 when a verifier is provided a maliciously crafted Sigstore Bun…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2024-45395
|
2024-09-25 01:50 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310202
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 17.1.7, 17.2 prior to 17.2.5, and 17.3 prior to 17.3.2, where group runners information was disclosed to un…
|
NVD-CWE-noinfo
|
CVE-2024-6685
|
2024-09-25 01:48 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310203
|
6.1 |
MEDIUM
Network
|
cern
|
indico
|
Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In Indico prior to version 3.3.4, corresponding to Flask-Multipass prior to version 0.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45399
|
2024-09-25 01:48 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310204
|
6.7 |
MEDIUM
Local
|
qnap
|
qvr_smart_client
|
An unquoted search path or element vulnerability has been reported to affect QVR Smart Client. If exploited, the vulnerability could allow local authenticated administrators to execute unauthorized c…
|
CWE-428
Unquoted Search Path or Element
|
CVE-2022-27592
|
2024-09-25 01:44 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310205
|
7.5 |
HIGH
Network
|
draytek
|
vigor3910_firmware
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the fid parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46580
|
2024-09-25 01:42 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310206
|
7.5 |
HIGH
Network
|
draytek
|
vigor3910_firmware
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sPPPSrvNm parameter at fwuser.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted …
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46571
|
2024-09-25 01:42 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310207
|
7.5 |
HIGH
Network
|
draytek
|
vigor3910_firmware
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sPeerId parameter at vpn.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46568
|
2024-09-25 01:42 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310208
|
7.5 |
HIGH
Network
|
draytek
|
vigor3910_firmware
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the iProfileIdx parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46567
|
2024-09-25 01:42 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310209
|
7.5 |
HIGH
Network
|
draytek
|
vigor3910_firmware
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the CGIbyFieldName parameter at chglog.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a cra…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46550
|
2024-09-25 01:42 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310210
|
7.2 |
HIGH
Network
|
qnap
|
qts
|
An OS command injection vulnerability has been reported to affect legacy QTS. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network.
We have alre…
|
CWE-78
OS Command
|
CVE-2023-39300
|
2024-09-25 01:42 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
