1851
|
- |
|
-
|
-
|
A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA…
|
CWE-208
Information Exposure Through Timing Discrepancy
|
CVE-2024-2236
|
2024-09-14 13:15 |
2024-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1852
|
- |
|
-
|
-
|
A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as include_var…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-8775
|
2024-09-14 12:15 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1853
|
- |
|
-
|
-
|
The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.1. This is due to the soft…
|
CWE-94
Code Injection
|
CVE-2024-8271
|
2024-09-14 12:15 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1854
|
5.3 |
MEDIUM
Network
-
|
-
|
The WooCommerce Multiple Free Gift plugin for WordPress is vulnerable to gift manipulation in all versions up to, and including, 1.2.3. This is due to plugin not enforcing server-side checks on the p…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2022-3459
|
2024-09-14 12:15 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1855
|
8.1 |
HIGH
Network
|
openbsd redhat suse debian canonical amazon netapp freebsd netbsd
|
openssh openshift_container_platform enterprise_linux enterprise_linux_for_arm_64 enterprise_linux_for_power_little_endian enterprise_linux_for_ibm_z_systems enterprise_linux_for_po…
|
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote a…
|
CWE-362
Race Condition
|
CVE-2024-6387
|
2024-09-14 12:15 |
2024-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1856
|
7.5 |
HIGH
Network
gnu redhat
|
glibc enterprise_linux
|
A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2023-5156
|
2024-09-14 12:15 |
2023-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1857
|
- |
|
-
|
-
|
A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length check is performed by the C API entry points. Passi…
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2024-2494
|
2024-09-14 09:15 |
2024-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1858
|
- |
|
-
|
-
|
A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-2496
|
2024-09-14 09:15 |
2024-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1859
|
- |
|
-
|
-
|
A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unpri…
|
-
|
CVE-2024-2182
|
2024-09-14 09:15 |
2024-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1860
|
- |
|
-
|
-
|
An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `names` array. This issue can be reproduced by sending…
|
-
|
CVE-2024-1441
|
2024-09-14 09:15 |
2024-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|