61
|
5.5 |
MEDIUM
Local
|
devolutions
|
remote_desktop_manager
|
An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included…
Update
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-7421
|
2024-10-2 03:36 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
62
|
- |
|
-
|
-
|
Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort…
New
|
-
|
CVE-2024-9401
|
2024-10-2 03:35 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
63
|
- |
|
-
|
-
|
go-tuf is a Go implementation of The Update Framework (TUF). The go-tuf client inconsistently traces the delegations. For example, if targets delegate to "A", and to "B", and "B" delegates to "C", th…
New
|
CWE-362
Race Condition
|
CVE-2024-47534
|
2024-10-2 03:35 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
64
|
- |
|
-
|
-
|
The WebDAV service in Infinera TNMS (Transcend Network Management System) 19.10.3 allows a low-privileged remote attacker to conduct unauthorized file operations, because of execution with unnecessar…
New
|
-
|
CVE-2024-25660
|
2024-10-2 03:35 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
65
|
- |
|
-
|
-
|
In Infinera TNMS (Transcend Network Management System) 19.10.3, an insecure default configuration of the internal SFTP server on Linux servers allows remote attacker to access files and directories o…
New
|
-
|
CVE-2024-25659
|
2024-10-2 03:35 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
66
|
- |
|
-
|
-
|
PCAN-Ethernet Gateway FD before 1.3.0 and PCAN-Ethernet Gateway before 2.11.0 are vulnerable to Command injection.
New
|
-
|
CVE-2024-44610
|
2024-10-2 03:35 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
67
|
6.5 |
MEDIUM
Local
|
linuxfoundation mediatek google linux
|
yocto iot_yocto android linux_kernel
|
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interacti…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2023-20850
|
2024-10-2 03:35 |
2023-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
68
|
9.8 |
CRITICAL
Network
meshtastic
|
meshtastic_firmware
|
Meshtastic is an open source, off-grid, decentralized, mesh network. Meshtastic uses MQTT to communicate over an internet connection to a shared or private MQTT Server. Nodes can communicate directly…
Update
|
CWE-863
Incorrect Authorization
|
CVE-2024-47078
|
2024-10-2 03:29 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
69
|
9.8 |
CRITICAL
Network
ptzoptics
|
pt30x-sdi_firmware pt30x-ndi-xx-g2_firmware
|
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntp_addr configuration value which may lead to arbitrar…
Update
|
CWE-78
OS Command
|
CVE-2024-8957
|
2024-10-2 02:49 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
70
|
9.8 |
CRITICAL
Network
macwk
|
icecms
|
An issue was discovered in IceCMS version 2.0.1, allows attackers to escalate privileges and gain sensitive information via UserID parameter in api/User/ChangeUser.
Update
|
NVD-CWE-noinfo
|
CVE-2023-36100
|
2024-10-2 02:35 |
2023-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|