311
|
6.7 |
MEDIUM
Local
|
-
|
-
|
Windows Kernel Elevation of Privilege Vulnerability
New
|
CWE-822
Untrusted Pointer Dereference
|
CVE-2024-37979
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
312
|
6.7 |
MEDIUM
Local
|
-
|
-
|
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
New
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-37976
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
313
|
- |
|
-
|
-
|
NULL pointer dereference in IP socket options processing of the Networking Stack in QNX Software Development Platform (SDP) version(s) 7.1 and 7.0 could allow an attacker with local access to cause a…
New
|
-
|
CVE-2024-35215
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
314
|
8.0 |
HIGH
Adjacent
|
-
|
-
|
Windows Hyper-V Remote Code Execution Vulnerability
New
|
CWE-20 CWE-829
Improper Input Validation Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2024-30092
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
315
|
- |
|
-
|
-
|
An issue in the getcolor function in utils.py of xhtml2pdf v0.2.13 allows attackers to cause a Regular expression Denial of Service (ReDOS) via supplying a crafted string.
New
|
-
|
CVE-2024-25885
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
316
|
7.1 |
HIGH
Adjacent
|
-
|
-
|
Windows Hyper-V Security Feature Bypass Vulnerability
New
|
CWE-20
Improper Input Validation
|
CVE-2024-20659
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
317
|
5.3 |
MEDIUM
Network
-
|
-
|
A vulnerability was found in the resteasy-netty4 library arising from improper handling of HTTP requests using smuggling techniques. When an HTTP smuggling request with an ASCII control character is …
New
|
CWE-444
HTTP Request Smuggling
|
CVE-2024-9622
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
318
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in Quarkus CXF. Passwords and other secrets may appear in the application log in spite of the user configuring them to be hidden. This issue requires some special configura…
New
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-9621
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
319
|
5.3 |
MEDIUM
Network
-
|
-
|
A flaw was found in Event-Driven Automation (EDA) in Ansible Automation Platform (AAP), which lacks encryption of sensitive information. An attacker with network access could exploit this vulnerabili…
New
|
-
|
CVE-2024-9620
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
320
|
- |
|
-
|
-
|
Path traversal in Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to bypass restrictions.
New
|
-
|
CVE-2024-9381
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|