451
|
8.2 |
HIGH
Network
ivanti
|
connect_secure policy_secure
|
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x
22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to …
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-22053
|
2024-10-4 07:35 |
2024-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
452
|
7.5 |
HIGH
Network
ivanti
|
connect_secure policy_secure
|
A null pointer dereference vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests i…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-22052
|
2024-10-4 07:35 |
2024-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
453
|
5.3 |
MEDIUM
Network
ivanti
|
connect_secure policy_secure
|
An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests …
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-22023
|
2024-10-4 07:35 |
2024-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
454
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel before 6.4.12, amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c has a fence use-after-free.
Update
|
CWE-416
Use After Free
|
CVE-2023-51042
|
2024-10-4 06:35 |
2024-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
455
|
6.5 |
MEDIUM
Network
|
webassembly
|
binaryen
|
A NULL pointer dereference was discovered in SExpressionWasmBuilder::makeBlock in wasm/wasm-s-parser.c in Binaryen 1.38.26. A crafted wasm input can cause a segmentation fault, leading to denial-of-s…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-18378
|
2024-10-4 06:35 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
456
|
9.8 |
CRITICAL
Network
nvki
|
intelligent_broadband_subscriber_gateway
|
N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a command injection vulnerability via the system_hostname parameter at /manage/network-basic.php.
Update
|
CWE-77
Command Injection
|
CVE-2023-39809
|
2024-10-4 06:35 |
2023-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
457
|
- |
|
-
|
-
|
A flaw was found in openshift/builder. This vulnerability allows command injection via path traversal, where a malicious user can execute arbitrary commands on the OpenShift node running the builder …
Update
|
CWE-250
Execution with Unnecessary Privileges
|
CVE-2024-7387
|
2024-10-4 06:15 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
458
|
5.4 |
MEDIUM
Network
|
arubanetworks
|
edgeconnect_sd-wan_orchestrator
|
Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2023-37421
|
2024-10-4 05:35 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
459
|
7.5 |
HIGH
Network
realtek
|
rtl8812au_firmware
|
An issue was discovered in function nl80211_send_chandef in rtl8812au v5.6.4.2 allows attackers to cause a denial of service.
Update
|
NVD-CWE-noinfo
|
CVE-2020-26652
|
2024-10-4 05:35 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
460
|
5.5 |
MEDIUM
Local
|
ogg_video_tools_project
|
ogg_video_tools
|
A Segmentation Fault issue discovered StreamSerializer::extractStreams function in streamSerializer.cpp in oggvideotools 0.9.1 allows remote attackers to cause a denial of service (crash) via opening…
Update
|
NVD-CWE-noinfo
|
CVE-2020-21723
|
2024-10-4 05:35 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|