|
315831
|
9.8 |
CRITICAL
Network
|
mi
|
getapps
|
A code execution vulnerability exists in the XiaomiGetApps application product. This vulnerability is caused by the verification logic being bypassed, and an attacker can exploit this vulnerability t…
|
NVD-CWE-noinfo
|
CVE-2023-26324
|
2024-09-13 02:27 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315832
|
9.8 |
CRITICAL
Network
|
mi
|
getapps
|
A code execution vulnerability exists in the XiaomiGetApps application product. This vulnerability is caused by the verification logic being bypassed, and an attacker can exploit this vulnerability t…
|
NVD-CWE-noinfo
|
CVE-2023-26322
|
2024-09-13 02:27 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315833
|
6.1 |
MEDIUM
Local
|
clamav
|
clamav
|
A vulnerability in the ClamD service module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versio…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2024-20506
|
2024-09-13 02:26 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315834
|
9.8 |
CRITICAL
Network
|
mi
|
app_market
|
A code execution vulnerability exists in the Xiaomi App market product. The vulnerability is caused by unsafe configuration and can be exploited by attackers to execute arbitrary code.
|
NVD-CWE-noinfo
|
CVE-2023-26323
|
2024-09-13 02:22 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315835
|
6.1 |
MEDIUM
Network
|
forcepoint
|
email_security
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Email Security (Real Time Monitor modules) allows Reflected XSS.This issue affects Ema…
|
CWE-79
Cross-site Scripting
|
CVE-2024-2166
|
2024-09-13 02:19 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315836
|
7.3 |
HIGH
Local
|
acronis
|
snap_deploy
|
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy (Windows) before build 4569.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-34019
|
2024-09-13 02:18 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315837
|
5.3 |
MEDIUM
Network
|
dlink
|
dns-320_firmware
|
A vulnerability, which was classified as problematic, was found in D-Link DNS-320 2.02b01. This affects an unknown part of the file /cgi-bin/discovery.cgi of the component Web Management Interface. T…
|
NVD-CWE-noinfo
|
CVE-2024-8461
|
2024-09-13 02:17 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315838
|
5.5 |
MEDIUM
Local
|
acronis
|
snap_deploy
|
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 4569.
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-34018
|
2024-09-13 02:17 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315839
|
7.3 |
HIGH
Local
|
acronis
|
snap_deploy
|
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy (Windows) before build 4569.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-34017
|
2024-09-13 02:16 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315840
|
- |
|
-
|
-
|
An improper authorization flaw exists in the Ansible Automation Controller. This flaw allows an attacker using the k8S API server to send an HTTP request with a service account token mounted via `aut…
|
CWE-285
Improper Authorization
|
CVE-2024-6840
|
2024-09-13 02:15 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
