91
|
- |
|
-
|
-
|
A logic issue was addressed with improved restrictions. This issue is fixed in iTunes 12.13.3 for Windows. A local attacker may be able to elevate their privileges.
New
|
-
|
CVE-2024-44193
|
2024-10-3 00:15 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
92
|
8.8 |
HIGH
Network
|
freeipa
|
freeipa
|
A vulnerability was found in FreeIPA in how the initial implementation of MS-SFU by MIT Kerberos was missing a condition for granting the "forwardable" flag on S4U2Self tickets. Fixing this mistake r…
Update
|
CWE-863
Incorrect Authorization
|
CVE-2024-2698
|
2024-10-3 00:15 |
2024-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
93
|
5.5 |
MEDIUM
Local
|
opentext
|
identity_manager_azuread_driver
|
A vulnerability identified in OpenText™
Identity Manager AzureAD Driver that allows logging of sensitive information into log file. This impacts all versions before 5.1.4.0
Update
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2021-22518
|
2024-10-3 00:10 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
94
|
7.5 |
HIGH
Network
netiq
|
identity_manager_rest_driver
|
Possible Insertion of Sensitive Information into Log File Vulnerability
in Identity Manager has been discovered in
OpenText™
Identity Manager REST Driver. This impact version before 1.1.2.0200.
Update
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2022-26322
|
2024-10-3 00:03 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
95
|
9.8 |
CRITICAL
Network
rockwellautomation
|
factorytalk_batch_view
|
CVE-2024-45823 IMPACT
An
authentication bypass vulnerability exists in the affected product. The
vulnerability exists due to shared secrets across accounts and could allow a threat
actor to impers…
Update
|
NVD-CWE-noinfo
|
CVE-2024-45823
|
2024-10-2 23:49 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
96
|
8.3 |
HIGH
Network
|
nvidia
|
nvidia_container_toolkit nvidia_gpu_operator
|
NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain acces…
Update
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2024-0132
|
2024-10-2 23:45 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
97
|
3.4 |
LOW
Network
|
nvidia
|
nvidia_container_toolkit nvidia_gpu_operator
|
NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. This d…
Update
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2024-0133
|
2024-10-2 23:43 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
98
|
7.5 |
HIGH
Network
rockwellautomation
|
5015-u8ihft_firmware
|
CVE-2024-45825 IMPACT
A denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a m…
Update
|
NVD-CWE-noinfo
|
CVE-2024-45825
|
2024-10-2 23:43 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
99
|
- |
|
-
|
-
|
Tonic is a native gRPC client & server implementation with async/await support. When using tonic::transport::Server there is a remote DoS attack that can cause the server to exit cleanly on accepting…
New
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2024-47609
|
2024-10-2 23:35 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
100
|
8.8 |
HIGH
Network
|
rockwellautomation
|
thinmanager
|
CVE-2024-45826 IMPACT
Due to improper input validation, a path traversal and remote code execution vulnerability exists when the ThinManager® processes a crafted POST request. If exploited, a user ca…
Update
|
CWE-610
Externally Controlled Reference to a Resource in Another Sphere
|
CVE-2024-45826
|
2024-10-2 23:35 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|