|
311
|
5.5 |
MEDIUM
Local
|
apple
|
macos
iphone_os
ipados
visionos
watchos
tvos
|
An integer overflow was addressed through improved input validation. This issue is fixed in visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web…
Update
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-44198
|
2024-09-25 00:45 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312
|
3.3 |
LOW
Local
|
apple
|
macos
ipados
iphone_os
|
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS…
Update
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-40791
|
2024-09-25 00:44 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access protected user data.
Update
|
NVD-CWE-noinfo
|
CVE-2024-40801
|
2024-09-25 00:43 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314
|
5.5 |
MEDIUM
Local
|
apple
|
macos
ipados
iphone_os
visionos
watchos
tvos
|
A file access issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, …
Update
|
NVD-CWE-noinfo
|
CVE-2024-40850
|
2024-09-25 00:41 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315
|
6.1 |
MEDIUM
Network
|
dedecms
|
dedecms
|
DedeCMS 5.7.115 is vulnerable to Cross Site Scripting (XSS) via the advertisement code box in the advertisement management module.
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-46372
|
2024-09-25 00:40 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316
|
7.5 |
HIGH
Network
draytek
|
vigor3910_firmware
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the ssidencrypt%d parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a craft…
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46590
|
2024-09-25 00:23 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
317
|
6.5 |
MEDIUM
Network
|
acquia
|
mautic
|
Prior to the patched version, logged in users of Mautic are able to access areas of the application that they should be prevented from accessing.
Users could potentially access sensitive data such a…
Update
|
CWE-276
Incorrect Default Permissions
|
CVE-2022-25776
|
2024-09-25 00:19 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. An app may be able to modify protected parts of the file system.
Update
|
NVD-CWE-noinfo
|
CVE-2024-40843
|
2024-09-25 00:02 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
An issue was addressed with improved validation of environment variables. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data.
Update
|
NVD-CWE-noinfo
|
CVE-2024-40842
|
2024-09-24 23:56 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
320
|
7.5 |
HIGH
Network
apple
|
macos
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A non-privileged user may be able to modify restricted network settings.
Update
|
CWE-281
Improper Preservation of Permissions
|
CVE-2024-40770
|
2024-09-24 23:55 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
