|
661
|
7.8 |
HIGH
Local
|
siemens
|
simcenter_femap
|
A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specia…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-24922
|
2024-10-4 02:21 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
662
|
7.8 |
HIGH
Local
|
siemens
|
simcenter_femap
|
A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected application is vulnerable to memory corruption while parsing specially crafted Catia MODEL files. This…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-24921
|
2024-10-4 02:21 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
663
|
7.8 |
HIGH
Local
|
siemens
|
simcenter_femap
|
A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specia…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-24920
|
2024-10-4 02:20 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
664
|
6.5 |
MEDIUM
Network
|
lunary
|
lunary
|
An Improper Access Control vulnerability exists in the lunary-ai/lunary repository, affecting versions up to and including 1.2.2. The vulnerability allows unauthorized users to view any prompts in an…
Update
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-5131
|
2024-10-4 01:59 |
2024-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
665
|
7.5 |
HIGH
Network
lunary
|
lunary
|
An Incorrect Authorization vulnerability exists in lunary-ai/lunary versions up to and including 1.2.2, which allows unauthenticated users to delete any dataset. The vulnerability is due to the lack …
Update
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-5130
|
2024-10-4 01:57 |
2024-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
666
|
8.2 |
HIGH
Network
lunary
|
lunary
|
A Privilege Escalation Vulnerability exists in lunary-ai/lunary version 1.2.2, where any user can delete any datasets due to missing authorization checks. The vulnerability is present in the dataset …
Update
|
CWE-862
Missing Authorization
|
CVE-2024-5129
|
2024-10-4 01:56 |
2024-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
667
|
6.5 |
MEDIUM
Network
|
lunary
|
lunary
|
An improper access control vulnerability exists in the lunary-ai/lunary repository, specifically within the versions.patch functionality for updating prompts. Affected versions include 1.2.2 up to bu…
Update
|
NVD-CWE-noinfo
|
CVE-2024-5126
|
2024-10-4 01:52 |
2024-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
668
|
9.8 |
CRITICAL
Network
motorola
|
vigilant_fixed_lpr_coms_box_firmware
|
An attacker can access the maintenance console using hard coded credentials for a hidden wireless network on the device.
Update
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-38281
|
2024-10-4 01:51 |
2024-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
669
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses
The panasonic laptop code in various places uses the SINF a…
Update
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-46859
|
2024-10-4 01:47 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
670
|
8.0 |
HIGH
Adjacent
|
ivanti
|
endpoint_manager
|
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an authenticated attacker within the same network to execute arbitrary code.
Update
|
CWE-89
SQL Injection
|
CVE-2024-29846
|
2024-10-4 01:46 |
2024-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
