711
|
- |
|
-
|
-
|
A Command injection vulnerability in requestLetsEncryptSsl in NginxProxyManager 2.11.3 allows an attacker to RCE via Add Let's Encrypt Certificate.
|
-
|
CVE-2024-46256
|
2024-10-4 03:35 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
712
|
7.5 |
HIGH
Network
radare
|
radare2
|
A null pointer deference in __core_anal_fcn function in radare2 5.4.2 and 5.4.0.
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-28070
|
2024-10-4 03:35 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
713
|
7.5 |
HIGH
Network
radare
|
radare2
|
A heap buffer overflow in vax_opfunction in radare2 5.4.2 and 5.4.0.
|
CWE-787
Out-of-bounds Write
|
CVE-2022-28069
|
2024-10-4 03:35 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
714
|
9.8 |
CRITICAL
Network
devolutions
|
remote_desktop_manager
|
Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager versions 2023.2.19 and earlier permits a user to initiate a connection without p…
|
CWE-287
Improper Authentication
|
CVE-2023-4373
|
2024-10-4 03:35 |
2023-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
715
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/mgag200: Bind I2C lifetime to DRM device
Managed cleanup with devm_add_action_or_reset() will release the I2C
adapter when th…
|
NVD-CWE-noinfo
|
CVE-2024-44967
|
2024-10-4 03:21 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
716
|
5.4 |
MEDIUM
Network
|
dotcamp
|
ultimate_blocks
|
The Ultimate Blocks WordPress plugin before 3.2.2 does not validate and escape some of its block attributes before outputting them back in a page/post where the block is embed, which could allow use…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8536
|
2024-10-4 03:16 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
717
|
4.6 |
MEDIUM
Network
|
liferay
|
digital_experience_platform liferay_portal
|
Account lockout in Liferay Portal 7.2.0 through 7.3.0, and older unsupported versions, and Liferay DXP 7.2 before fix pack 5, and older unsupported versions does not invalidate existing user sessions…
|
CWE-384
Session Fixation
|
CVE-2023-47798
|
2024-10-4 03:13 |
2024-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
718
|
7.5 |
HIGH
Adjacent
|
alpsalpine
|
ilx-f509_firmware
|
Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Al…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-23935
|
2024-10-4 03:07 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
719
|
8.8 |
HIGH
Adjacent
|
alpsalpine
|
ilx-f509_firmware
|
Alpine Halo9 prh_l2_sar_data_ind Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine…
|
CWE-416
Use After Free
|
CVE-2024-23923
|
2024-10-4 03:07 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
720
|
6.8 |
MEDIUM
Physics
|
alpsalpine
|
ilx-f509_firmware
|
Alpine Halo9 UPDM_wemCmdUpdFSpeDecomp Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations…
|
CWE-78
OS Command
|
CVE-2024-23961
|
2024-10-4 03:06 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|