681
|
6.5 |
MEDIUM
Network
|
webassembly
|
binaryen
|
A NULL pointer dereference was discovered in SExpressionWasmBuilder::makeBlock in wasm/wasm-s-parser.c in Binaryen 1.38.26. A crafted wasm input can cause a segmentation fault, leading to denial-of-s…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-18378
|
2024-10-4 06:35 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
682
|
9.8 |
CRITICAL
Network
nvki
|
intelligent_broadband_subscriber_gateway
|
N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a command injection vulnerability via the system_hostname parameter at /manage/network-basic.php.
Update
|
CWE-77
Command Injection
|
CVE-2023-39809
|
2024-10-4 06:35 |
2023-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
683
|
- |
|
-
|
-
|
A flaw was found in openshift/builder. This vulnerability allows command injection via path traversal, where a malicious user can execute arbitrary commands on the OpenShift node running the builder …
Update
|
CWE-250
Execution with Unnecessary Privileges
|
CVE-2024-7387
|
2024-10-4 06:15 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
684
|
5.4 |
MEDIUM
Network
|
arubanetworks
|
edgeconnect_sd-wan_orchestrator
|
Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2023-37421
|
2024-10-4 05:35 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
685
|
7.5 |
HIGH
Network
realtek
|
rtl8812au_firmware
|
An issue was discovered in function nl80211_send_chandef in rtl8812au v5.6.4.2 allows attackers to cause a denial of service.
Update
|
NVD-CWE-noinfo
|
CVE-2020-26652
|
2024-10-4 05:35 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
686
|
5.5 |
MEDIUM
Local
|
ogg_video_tools_project
|
ogg_video_tools
|
A Segmentation Fault issue discovered StreamSerializer::extractStreams function in streamSerializer.cpp in oggvideotools 0.9.1 allows remote attackers to cause a denial of service (crash) via opening…
Update
|
NVD-CWE-noinfo
|
CVE-2020-21723
|
2024-10-4 05:35 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
687
|
4.3 |
MEDIUM
Network
|
multiparcels
|
multiparcels_shipping_for_woocommerce
|
The MultiParcels Shipping For WooCommerce WordPress plugin before 1.15.2 does not have CRSF check when deleting a shipment, allowing attackers to make any logged in user, delete arbitrary shipment vi…
Update
|
-
|
CVE-2023-3366
|
2024-10-4 05:35 |
2023-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
688
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in ChromeOS Camera in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap …
Update
|
CWE-416
Use After Free
|
CVE-2023-2458
|
2024-10-4 05:35 |
2023-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
689
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Out of bounds write in ChromeOS Audio Server in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker to potentially exploit heap corruption via crafted audio file. (Chromium se…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2023-2457
|
2024-10-4 05:35 |
2023-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
690
|
8.6 |
HIGH
Network
cisco
|
ios_xe
|
A vulnerability in the implementation of the IPv4 fragmentation reassembly code in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition o…
Update
|
NVD-CWE-noinfo
|
CVE-2024-20467
|
2024-10-4 05:09 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|