2121
|
6.5 |
MEDIUM
Network
|
ivanti
|
endpoint_manager
|
An issue was discovered in Ivanti Endpoint Manager before 2022 SU4. A file disclosure vulnerability exists in the GetFileContents SOAP action exposed via /landesk/managementsuite/core/core.secure/Osd…
|
NVD-CWE-noinfo
|
CVE-2023-38344
|
2024-09-25 10:35 |
2023-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2122
|
6.5 |
MEDIUM
Network
earthgarden_waiting_project
|
earthgarden_waiting
|
An information leak in Earthgarden_waiting 13.6.1 allows attackers to obtain the channel access token and send crafted messages.
|
NVD-CWE-noinfo
|
CVE-2023-39052
|
2024-09-25 10:35 |
2023-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2123
|
8.8 |
HIGH
Network
|
dolibarr
|
dolibarr_erp\/crm
|
File Upload vulnerability in Dolibarr ERP CRM v.17.0.1 and before allows a remote attacker to execute arbitrary code and obtain sensitive information via the extension filtering and renaming function…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2023-38887
|
2024-09-25 10:35 |
2023-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2124
|
- |
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-2143 Reason: This candidate is a reservation duplicate of CVE-2023-2143. Notes: All CVE users should reference
CV…
|
-
|
CVE-2024-9063
|
2024-09-25 10:15 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2125
|
- |
|
-
|
-
|
A flaw was found in libnbd. The client did not always correctly verify the NBD server's certificate when using TLS to connect to an NBD server. This issue allows a man-in-the-middle attack on NBD tra…
|
CWE-295
Improper Certificate Validation
|
CVE-2024-7383
|
2024-09-25 10:15 |
2024-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2126
|
- |
|
-
|
-
|
A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current working directory.
|
CWE-94
Code Injection
|
CVE-2024-6655
|
2024-09-25 10:15 |
2024-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2127
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/i915/gem: Fix Virtual Memory mapping boundaries calculation
Calculating the size of the mapped area as the lesser value
betwe…
|
CWE-131
Incorrect Calculation of Buffer Size
|
CVE-2024-42259
|
2024-09-25 10:15 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2128
|
6.7 |
MEDIUM
Local
|
gnu redhat
|
nano enterprise_linux
|
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the pe…
|
CWE-59
Link Following
|
CVE-2024-5742
|
2024-09-25 10:15 |
2024-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2129
|
- |
|
-
|
-
|
A double free vulnerability was found in QEMU virtio devices (virtio-gpu, virtio-serial-bus, virtio-crypto), where the mem_reentrancy_guard flag insufficiently protects against DMA reentrancy issues.…
|
CWE-415
Double Free
|
CVE-2024-3446
|
2024-09-25 10:15 |
2024-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2130
|
- |
|
-
|
-
|
The AES key utilized in the pairing process between a lock using Sciener firmware and a wireless keypad is not unique, and can be reused to compromise other locks using the Sciener firmware.
|
-
|
CVE-2023-7003
|
2024-09-25 10:15 |
2024-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|