|
61
|
5.9
-
|
MEDIUM
Network
|
In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of th…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2024-49393
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-14 23:31
2024-11-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
62
|
7.8
-
|
HIGH
Local
|
In the Linux kernel, the following vulnerability has been resolved:
parport: Proper fix for array out-of-bounds access
The recent fix for array out-of-bounds accesses replaced sprintf()
calls blind…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-50074
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-9 01:15
2024-10-29
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
63
|
8.2
-
|
HIGH
Network
|
A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw a…
|
CWE-59
Link Following
|
CVE-2024-9341
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-23 04:34
2024-10-2
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
64
|
5.5
-
|
MEDIUM
Local
|
A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious unprivi…
|
-
|
CVE-2024-8354
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 18:53
2024-09-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
65
|
2.9
-
|
LOW
Physics
|
A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-8443
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-10-1 22:15
2024-09-10
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
66
|
3.9
-
|
LOW
Physics
|
A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs.
Insufficient…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-45618
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-09-14 01:30
2024-09-4
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
67
|
3.9
-
|
LOW
Physics
|
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially craft…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-45617
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-09-14 04:21
2024-09-4
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
68
|
3.9
-
|
LOW
Physics
|
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially craft…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-45616
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-09-14 04:21
2024-09-4
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
69
|
3.9
-
|
LOW
Physics
|
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK.
The problem is missing initialization of variables expected to be initialized (as arguments to other function…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-45615
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-09-14 04:21
2024-09-4
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
70
|
3.9
-
|
LOW
Physics
|
A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When …
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-45620
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-09-20 04:21
2024-09-4
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|