|
308461
|
8.8 |
HIGH
Network
|
combodo
|
itop
|
Combodo iTop is a simple, web based IT Service Management tool. This vulnerability can be used to create HTTP requests on behalf of the server, from a low privileged user. The user portal form manage…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2024-51740
|
2024-11-9 06:09 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308462
|
9.8 |
CRITICAL
Network
|
didi
|
super-jacoco
|
A vulnerability has been found in didi Super-Jacoco 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /cov/triggerUnitCover. The manipulation of t…
|
CWE-78
OS Command
|
CVE-2024-10919
|
2024-11-9 06:07 |
2024-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308463
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
xfrm: fix one more kernel-infoleak in algo dumping
During fuzz testing, the following issue was discovered:
BUG: KMSAN: kernel-i…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-50110
|
2024-11-9 06:05 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308464
|
6.1 |
MEDIUM
Network
|
themehigh
|
checkout_field_editor
|
The Checkout Field Editor (Checkout Manager) for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘render_review_request_notice’ function in all versions up to…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8499
|
2024-11-9 06:01 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308465
|
6.5 |
MEDIUM
Network
|
eclipse
|
jetty
|
There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending cra…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-8184
|
2024-11-9 06:00 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308466
|
9.8 |
CRITICAL
Network
|
kubernetes
|
image_builder
|
A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default credentials are enabled during the image build process. Virtual machine images built using the Proxmo…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-9486
|
2024-11-9 05:56 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308467
|
5.5 |
MEDIUM
Local
|
avg
avast
|
antivirus
|
An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing.
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-9484
|
2024-11-9 05:55 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308468
|
5.5 |
MEDIUM
Local
|
avg
avast
|
antivirus
|
A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application dur…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-9483
|
2024-11-9 05:54 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308469
|
8.1 |
HIGH
Network
|
kubernetes
|
image_builder
|
A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default credentials are enabled during the image build process when using the Nutanix, OVA, QEMU or raw provi…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-9594
|
2024-11-9 05:50 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308470
|
5.5 |
MEDIUM
Local
|
avg
avast
|
antivirus
|
An out-of-bounds write in the engine module in AVG/Avast Antivirus signature <24092400 released on 24/Sep/2024 on MacOS allows a malformed Mach-O file to crash the application during file processing.
|
CWE-787
Out-of-bounds Write
|
CVE-2024-9482
|
2024-11-9 05:49 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
