991
|
7.8 |
HIGH
Local
|
google
|
android
|
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges
|
CWE-862
Missing Authorization
|
CVE-2023-38460
|
2024-10-2 05:35 |
2023-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
992
|
7.5 |
HIGH
Network
apache
|
apache-airflow-providers-apache-spark
|
Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection giving an opportunity to re…
|
NVD-CWE-noinfo
|
CVE-2023-40272
|
2024-10-2 05:35 |
2023-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
993
|
8.8 |
HIGH
Network
|
google debian fedoraproject
|
chrome debian_linux fedora
|
Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security seve…
|
NVD-CWE-noinfo
|
CVE-2023-4357
|
2024-10-2 05:35 |
2023-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
994
|
7.5 |
HIGH
Network
duckdb
|
duckdb
|
DuckDB is a SQL database management system. In versions 1.0.0 and prior, content in filesystem is accessible for reading using `sniff_csv`, even with `enable_external_access=false`. This vulnerabilit…
|
NVD-CWE-noinfo
|
CVE-2024-41672
|
2024-10-2 05:33 |
2024-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
995
|
9.8 |
CRITICAL
Network
tenda
|
o3_firmware
|
A vulnerability was found in Tenda O3 1.0.0.10(2478). It has been declared as critical. This vulnerability affects the function fromMacFilterSet of the file /goform/setMacFilter. The manipulation of …
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7151
|
2024-10-2 05:28 |
2024-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
996
|
6.5 |
MEDIUM
Adjacent
|
-
|
-
|
An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a logically adjacent downstream RSVP neighbo…
|
-
|
CVE-2024-39560
|
2024-10-2 05:15 |
2024-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
997
|
7.8 |
HIGH
Local
|
restsharp
|
restsharp
|
RestSharp is a Simple REST and HTTP API Client for .NET. The second argument to `RestRequest.AddHeader` (the header value) is vulnerable to CRLF injection. The same applies to `RestRequest.AddOrUpdat…
|
CWE-74
Injection
|
CVE-2024-45302
|
2024-10-2 05:05 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
998
|
8.0 |
HIGH
Network
|
strawberryrocks
|
strawberry
|
Strawberry GraphQL is a library for creating GraphQL APIs. Prior to version 0.243.0, multipart file upload support as defined in the GraphQL multipart request specification was enabled by default in …
|
CWE-352
Origin Validation Error
|
CVE-2024-47082
|
2024-10-2 05:01 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
999
|
7.5 |
HIGH
Network
watchguard
|
single_sign-on_client
|
Improper Handling of Exceptional Conditions vulnerability in the WatchGuard Single Sign-On Client on Windows causes the client to crash while handling malformed commands. An attacker with network acc…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2024-6594
|
2024-10-2 04:41 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1000
|
9.1 |
CRITICAL
Network
watchguard
|
authentication_gateway
|
Incorrect Authorization vulnerability in WatchGuard Authentication Gateway (aka Single Sign-On Agent) on Windows allows an attacker with network access to execute restricted management commands.
This…
|
CWE-863
Incorrect Authorization
|
CVE-2024-6593
|
2024-10-2 04:37 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|