631
|
9.8 |
CRITICAL
Network
devolutions
|
remote_desktop_manager
|
Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager versions 2023.2.19 and earlier permits a user to initiate a connection without p…
Update
|
CWE-287
Improper Authentication
|
CVE-2023-4373
|
2024-10-4 03:35 |
2023-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
632
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/mgag200: Bind I2C lifetime to DRM device
Managed cleanup with devm_add_action_or_reset() will release the I2C
adapter when th…
Update
|
NVD-CWE-noinfo
|
CVE-2024-44967
|
2024-10-4 03:21 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
633
|
5.4 |
MEDIUM
Network
|
dotcamp
|
ultimate_blocks
|
The Ultimate Blocks WordPress plugin before 3.2.2 does not validate and escape some of its block attributes before outputting them back in a page/post where the block is embed, which could allow use…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8536
|
2024-10-4 03:16 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
634
|
4.6 |
MEDIUM
Network
|
liferay
|
digital_experience_platform liferay_portal
|
Account lockout in Liferay Portal 7.2.0 through 7.3.0, and older unsupported versions, and Liferay DXP 7.2 before fix pack 5, and older unsupported versions does not invalidate existing user sessions…
Update
|
CWE-384
Session Fixation
|
CVE-2023-47798
|
2024-10-4 03:13 |
2024-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
635
|
7.5 |
HIGH
Adjacent
|
alpsalpine
|
ilx-f509_firmware
|
Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Al…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-23935
|
2024-10-4 03:07 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
636
|
8.8 |
HIGH
Adjacent
|
alpsalpine
|
ilx-f509_firmware
|
Alpine Halo9 prh_l2_sar_data_ind Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine…
Update
|
CWE-416
Use After Free
|
CVE-2024-23923
|
2024-10-4 03:07 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
637
|
6.8 |
MEDIUM
Physics
|
alpsalpine
|
ilx-f509_firmware
|
Alpine Halo9 UPDM_wemCmdUpdFSpeDecomp Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations…
Update
|
CWE-78
OS Command
|
CVE-2024-23961
|
2024-10-4 03:06 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
638
|
4.6 |
MEDIUM
Physics
|
alpsalpine
|
ilx-f509_firmware
|
Alpine Halo9 Improper Verification of Cryptographic Signature Vulnerability. This vulnerability allows physically present attackers to bypass signature validation mechanism on affected installations …
Update
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2024-23960
|
2024-10-4 03:06 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
639
|
6.8 |
MEDIUM
Physics
|
alpsalpine
|
ilx-f509_firmware
|
Alpine Halo9 UPDM_wemCmdCreatSHA256Hash Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installatio…
Update
|
CWE-78
OS Command
|
CVE-2024-23924
|
2024-10-4 03:06 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
640
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
tick/broadcast: Move per CPU pointer access into the atomic section
The recent fix for making the take over of the broadcast time…
Update
|
NVD-CWE-noinfo
|
CVE-2024-44968
|
2024-10-4 03:04 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|