531
|
- |
|
-
|
-
|
A Command injection vulnerability in requestLetsEncryptSslWithDnsChallenge in NginxProxyManager 2.11.3 allows an attacker to achieve remote code execution via Add Let's Encrypt Certificate. NOTE: thi…
Update
|
-
|
CVE-2024-46257
|
2024-10-4 01:35 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
532
|
8.1 |
HIGH
Network
|
arubanetworks
|
edgeconnect_sd-wan_orchestrator
|
A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an unauthenticated remote attacker to run arbitrary commands on the underlying host if certain pre…
Update
|
NVD-CWE-noinfo
|
CVE-2023-37424
|
2024-10-4 01:35 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
533
|
7.8 |
HIGH
Local
|
siemens
|
simcenter_femap
|
A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specia…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-24924
|
2024-10-4 01:33 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
534
|
7.8 |
HIGH
Local
|
siemens
|
simcenter_femap
|
A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted Catia MODEL …
Update
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2024-24925
|
2024-10-4 01:32 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
535
|
9.8 |
CRITICAL
Network
bbsetheme
|
bbs-e-popup
|
Missing Authorization vulnerability in BBS e-Theme BBS e-Popup.This issue affects BBS e-Popup: from n/a through 2.4.5.
Update
|
CWE-862
Missing Authorization
|
CVE-2023-36504
|
2024-10-4 01:31 |
2024-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
536
|
8.8 |
HIGH
Network
|
maximeschoeni
|
sublanguage
|
Missing Authorization vulnerability in Maxime Schoeni Sublanguage.This issue affects Sublanguage: from n/a through 2.9.
Update
|
CWE-862
Missing Authorization
|
CVE-2023-36695
|
2024-10-4 01:28 |
2024-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
537
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: do not clear page dirty inside extent_write_locked_range()
[BUG]
For subpage + zoned case, the following workload can lead…
Update
|
NVD-CWE-noinfo
|
CVE-2024-44972
|
2024-10-4 01:10 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
538
|
8.8 |
HIGH
Network
|
woodpecker-ci
|
woodpecker
|
Woodpecker is a simple yet powerful CI/CD engine with great extensibility. The server allow to create any user who can trigger a pipeline run malicious workflows: 1. Those workflows can either lead t…
Update
|
NVD-CWE-noinfo
|
CVE-2024-41121
|
2024-10-4 00:57 |
2024-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
539
|
7.8 |
HIGH
Local
|
fujielectric
|
tellus_lite_v-simulator
|
Fuji Electric Tellus Lite V-Simulator is vulnerable to an out-of-bounds write, which could allow an attacker to manipulate memory, resulting in execution of arbitrary code.
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-37022
|
2024-10-4 00:55 |
2024-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
540
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
usbnet: ipheth: do not stop RX on failing RX callback
RX callbacks can fail for multiple reasons:
* Payload too short
* Payload …
Update
|
NVD-CWE-noinfo
|
CVE-2024-46861
|
2024-10-4 00:36 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|