41
|
7.5 |
HIGH
Network
oracle
|
sales_for_handhelds
|
Vulnerability in the Oracle Sales for Handhelds product of Oracle E-Business Suite (component: Pocket Outlook Sync(PocketPC)). Supported versions that are affected are 12.2.3-12.2.12. Easily exploit…
Update
|
NVD-CWE-noinfo
|
CVE-2023-21855
|
2024-09-24 05:35 |
2023-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
42
|
- |
|
-
|
-
|
New Cloud MyOffice SDK Collaborative Editing Server 2.2.2 through 2.8 allows SSRF via manipulation of requests from external document storage via the MS-WOPI protocol.
New
|
-
|
CVE-2024-47222
|
2024-09-24 05:15 |
2024-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
43
|
- |
|
-
|
-
|
The Planet Fitness Workouts iOS and Android mobile apps prior to version 9.8.12 (released on 2024-07-25) fail to properly validate TLS certificates, allowing an attacker with appropriate network acce…
New
|
-
|
CVE-2024-43201
|
2024-09-24 05:15 |
2024-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
44
|
- |
|
-
|
-
|
Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows OS Command Injection.This issue affects:
?Product
Affected Versions
LoadMaster
From 7.…
Update
|
CWE-20
Improper Input Validation
|
CVE-2024-6658
|
2024-09-24 05:15 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
45
|
- |
|
-
|
-
|
A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigur…
Update
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-3653
|
2024-09-24 05:15 |
2024-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
46
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
A memory leak flaw was found in the Linux kernel’s io_uring functionality in how a user registers a buffer ring with IORING_REGISTER_PBUF_RING, mmap() it, and then frees it. This flaw allows a local …
Update
|
CWE-416
Use After Free
|
CVE-2024-0582
|
2024-09-24 05:15 |
2024-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
47
|
7.5 |
HIGH
Network
apple
|
macos
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A camera extension may be able to access the internet.
Update
|
CWE-281
Improper Preservation of Permissions
|
CVE-2024-27795
|
2024-09-24 05:01 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
48
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data.
Update
|
CWE-281
Improper Preservation of Permissions
|
CVE-2024-27858
|
2024-09-24 04:56 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
49
|
7.1 |
HIGH
Local
|
acronis
|
agent
|
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 36343.
Update
|
CWE-862
Missing Authorization
|
CVE-2023-45246
|
2024-09-24 04:54 |
2023-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
50
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. An app may be able to cause a denial-of-service.
Update
|
NVD-CWE-noinfo
|
CVE-2024-23237
|
2024-09-24 04:53 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|