731
|
7.5 |
HIGH
Network
radare
|
radare2
|
A null pointer deference in __core_anal_fcn function in radare2 5.4.2 and 5.4.0.
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-28070
|
2024-10-4 03:35 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
732
|
7.5 |
HIGH
Network
radare
|
radare2
|
A heap buffer overflow in vax_opfunction in radare2 5.4.2 and 5.4.0.
|
CWE-787
Out-of-bounds Write
|
CVE-2022-28069
|
2024-10-4 03:35 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
733
|
9.8 |
CRITICAL
Network
devolutions
|
remote_desktop_manager
|
Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager versions 2023.2.19 and earlier permits a user to initiate a connection without p…
|
CWE-287
Improper Authentication
|
CVE-2023-4373
|
2024-10-4 03:35 |
2023-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
734
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/mgag200: Bind I2C lifetime to DRM device
Managed cleanup with devm_add_action_or_reset() will release the I2C
adapter when th…
|
NVD-CWE-noinfo
|
CVE-2024-44967
|
2024-10-4 03:21 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
735
|
5.4 |
MEDIUM
Network
|
dotcamp
|
ultimate_blocks
|
The Ultimate Blocks WordPress plugin before 3.2.2 does not validate and escape some of its block attributes before outputting them back in a page/post where the block is embed, which could allow use…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8536
|
2024-10-4 03:16 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
736
|
4.6 |
MEDIUM
Network
|
liferay
|
digital_experience_platform liferay_portal
|
Account lockout in Liferay Portal 7.2.0 through 7.3.0, and older unsupported versions, and Liferay DXP 7.2 before fix pack 5, and older unsupported versions does not invalidate existing user sessions…
|
CWE-384
Session Fixation
|
CVE-2023-47798
|
2024-10-4 03:13 |
2024-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
737
|
7.5 |
HIGH
Adjacent
|
alpsalpine
|
ilx-f509_firmware
|
Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Al…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-23935
|
2024-10-4 03:07 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
738
|
8.8 |
HIGH
Adjacent
|
alpsalpine
|
ilx-f509_firmware
|
Alpine Halo9 prh_l2_sar_data_ind Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine…
|
CWE-416
Use After Free
|
CVE-2024-23923
|
2024-10-4 03:07 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
739
|
6.8 |
MEDIUM
Physics
|
alpsalpine
|
ilx-f509_firmware
|
Alpine Halo9 UPDM_wemCmdUpdFSpeDecomp Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations…
|
CWE-78
OS Command
|
CVE-2024-23961
|
2024-10-4 03:06 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
740
|
4.6 |
MEDIUM
Physics
|
alpsalpine
|
ilx-f509_firmware
|
Alpine Halo9 Improper Verification of Cryptographic Signature Vulnerability. This vulnerability allows physically present attackers to bypass signature validation mechanism on affected installations …
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2024-23960
|
2024-10-4 03:06 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|