601
|
- |
|
-
|
-
|
An arbitrary file read vulnerability in Adguard Home before v0.107.52 allows authenticated attackers to access arbitrary files as root on the underlying Operating System via placing a crafted file in…
|
-
|
CVE-2024-36814
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
602
|
- |
|
-
|
-
|
Improper check for unusual or exceptional conditions in Intel(R) TDX Module firmware before version 1.5.06 may allow a privileged user to potentially enable information disclosure via local access.
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2024-27457
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
603
|
- |
|
-
|
-
|
Directus is a real-time API and App dashboard for managing SQL database content. Access tokens from query strings are not redacted and are potentially exposed in system logs which may be persisted. T…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-47822
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
604
|
- |
|
-
|
-
|
TYPO3 is a free and open source Content Management Framework. Backend users could see items in the backend page tree without having access if the mounts pointed to pages restricted for their user/gro…
|
CWE-863
Incorrect Authorization
|
CVE-2024-47780
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
605
|
- |
|
-
|
-
|
Discourse is an open source platform for community discussion. An attacker can make several XHR requests until the cache is poisoned with a response without any preloaded data. This issue only affect…
|
CWE-610
Externally Controlled Reference to a Resource in Another Sphere
|
CVE-2024-47773
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
606
|
- |
|
-
|
-
|
Insecure permissions in the Bluetooth Low Energy (BLE) component of Fire-Boltt Artillery Smart Watch NJ-R6E-10.3 allow attackers to cause a Denial of Service (DoS).
|
-
|
CVE-2024-46539
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
607
|
- |
|
-
|
-
|
PublicCMS V4.0.202406.d was discovered to contain a cross-site scripting (XSS) vulnerability via a crafted script to the Category Managment feature
|
-
|
CVE-2024-46410
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
608
|
7.8 |
HIGH
Local
|
-
|
-
|
Microsoft Office Remote Code Execution Vulnerability
|
CWE-426
Untrusted Search Path
|
CVE-2024-43616
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
609
|
7.1 |
HIGH
Network
|
-
|
-
|
Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
|
CWE-73
External Control of File Name or Path
|
CVE-2024-43615
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
610
|
5.5 |
MEDIUM
Local
|
-
|
-
|
Microsoft Defender for Endpoint for Linux Spoofing Vulnerability
|
CWE-23
Relative Path Traversal
|
CVE-2024-43614
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|