561
|
- |
|
-
|
-
|
A specially crafted filename containing a large number of spaces could obscure the file's extension when displayed in the download dialog.
*This bug only affects Firefox for Android. Other versions o…
New
|
-
|
CVE-2024-9395
|
2024-10-2 01:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
562
|
- |
|
-
|
-
|
An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This ac…
New
|
-
|
CVE-2024-9394
|
2024-10-2 01:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
563
|
- |
|
-
|
-
|
An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This acces…
New
|
-
|
CVE-2024-9393
|
2024-10-2 01:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
564
|
- |
|
-
|
-
|
A user who enables full-screen mode on a specially crafted web page could potentially be prevented from exiting full screen mode. This may allow spoofing of other sites as the address bar is no long…
New
|
-
|
CVE-2024-9391
|
2024-10-2 01:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
565
|
- |
|
-
|
-
|
NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability in its handling of HTML element attributes, which allows an attacker to execute arbitrary HT…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-47604
|
2024-10-2 01:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
566
|
- |
|
-
|
-
|
OSS Endpoint Manager is an endpoint manager module for FreePBX. OSS Endpoint Manager module activation can allow authenticated web users unauthorized access to read system files with the permissions …
New
|
CWE-22
Path Traversal
|
CVE-2024-47071
|
2024-10-2 01:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
567
|
7.5 |
HIGH
Network
mozilla
|
firefox
|
An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129, Firefox ESR < 128.3, and T…
Update
|
NVD-CWE-noinfo
|
CVE-2024-8900
|
2024-10-2 01:15 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
568
|
8.8 |
HIGH
Network
|
doverfuelingsolutions
|
progauge_maglink_lx_console_firmware progauge_maglink_lx4_console_firmware
|
Once logged in to ProGauge MAGLINK LX4 CONSOLE, a valid user can change their privileges to administrator.
Update
|
NVD-CWE-noinfo
|
CVE-2024-45373
|
2024-10-2 01:13 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
569
|
9.1 |
CRITICAL
Network
watchguard
|
single_sign-on_client authentication_gateway
|
Incorrect Authorization vulnerability in the protocol communication between the WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows and the WatchGuard Single Sign-On Client on Win…
Update
|
CWE-863
Incorrect Authorization
|
CVE-2024-6592
|
2024-10-2 01:06 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
570
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: phy: dp83822: Fix NULL pointer dereference on DP83825 devices
The probe() function is only used for DP83822 and DP83826 PHY,…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46856
|
2024-10-2 01:04 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|