|
313291
|
5.5 |
MEDIUM
Local
|
acronis
|
snap_deploy
|
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 4569.
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-34018
|
2024-09-13 02:17 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313292
|
7.3 |
HIGH
Local
|
acronis
|
snap_deploy
|
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy (Windows) before build 4569.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-34017
|
2024-09-13 02:16 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313293
|
- |
|
-
|
-
|
An improper authorization flaw exists in the Ansible Automation Controller. This flaw allows an attacker using the k8S API server to send an HTTP request with a service account token mounted via `aut…
|
CWE-285
Improper Authorization
|
CVE-2024-6840
|
2024-09-13 02:15 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313294
|
8.8 |
HIGH
Network
|
phpgurukul
|
job_portal
|
File upload restriction bypass vulnerability in PHPGurukul Job Portal 1.0, the exploitation of which could allow an authenticated user to execute an RCE via webshell.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-8463
|
2024-09-13 02:15 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313295
|
4.7 |
MEDIUM
Physics
|
arm
|
trusted_firmware-m
|
An issue was discovered in Trusted Firmware-M through 2.0.0. The lack of argument verification in the logging subsystem allows attackers to read sensitive data via the login function.
|
NVD-CWE-Other
|
CVE-2023-51712
|
2024-09-13 02:11 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313296
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
tcp: add sanity tests to TCP_QUEUE_SEQ
Qingyu Li reported a syzkaller bug where the repro
changes RCV SEQ _after_ restoring data …
|
NVD-CWE-noinfo
|
CVE-2021-4442
|
2024-09-13 01:58 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313297
|
5.9 |
MEDIUM
Network
|
identityautomation
|
rapididentity
|
RapidIdentity LTS through 2023.0.2 and Cloud through 2024.08.0 improperly restricts excessive authentication attempts and allows a remote attacker to cause a denial of service via the username parame…
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2024-45589
|
2024-09-13 01:54 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313298
|
6.1 |
MEDIUM
Network
|
linuxos
|
shakal-ng
|
A vulnerability, which was classified as problematic, was found in LinuxOSsk Shakal-NG up to 1.3.3. Affected is an unknown function of the file comments/views.py. The manipulation of the argument nex…
|
CWE-601
Open Redirect
|
CVE-2024-8412
|
2024-09-13 01:47 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313299
|
7.2 |
HIGH
Network
|
funnelforms
|
funnelforms_free
|
The Funnelforms Free plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'af2_add_font' function in all versions up to, and including, 3.7.3.2. Thi…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-6311
|
2024-09-13 01:46 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313300
|
7.5 |
HIGH
Network
|
eclipse
|
vert.x
|
In Eclipse Vert.x version 4.3.0 to 4.5.9, the gRPC server does not limit the maximum length of message payload (Maven GAV: io.vertx:vertx-grpc-server and io.vertx:vertx-grpc-client).
This is fix…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-8391
|
2024-09-13 01:44 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
