971
|
5.4 |
MEDIUM
Network
|
pluginspoint
|
kento_ads_rotator
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in KentoThemes Kento Ads Rotator allows Stored XSS.This issue affects Kento Ads Rotator: from…
|
CWE-79
Cross-site Scripting
|
CVE-2024-51583
|
2024-11-14 11:17 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
972
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious app may be able to cause a denial-of-service.
|
NVD-CWE-noinfo
|
CVE-2024-44197
|
2024-11-14 11:16 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
973
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of the file system.
|
NVD-CWE-noinfo
|
CVE-2024-44196
|
2024-11-14 11:15 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
974
|
7.8 |
HIGH
Local
|
artifex debian suse
|
ghostscript debian_linux linux_enterprise_high_performance_computing linux_enterprise_server linux_enterprise_server_for_sap
|
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2024-46951
|
2024-11-14 11:13 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
975
|
7.8 |
HIGH
Local
|
artifex debian suse
|
ghostscript debian_linux linux_enterprise_high_performance_computing linux_enterprise_server linux_enterprise_server_for_sap
|
An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-46953
|
2024-11-14 11:01 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
976
|
7.8 |
HIGH
Local
|
artifex debian
|
ghostscript debian_linux
|
An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values).
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46952
|
2024-11-14 11:01 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
977
|
- |
|
-
|
-
|
In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. Th…
|
-
|
CVE-2024-43093
|
2024-11-14 11:00 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
978
|
9.8 |
CRITICAL
Network
paloaltonetworks
|
expedition
|
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition.
Note: Expedition is …
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-5910
|
2024-11-14 11:00 |
2024-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
979
|
7.8 |
HIGH
Local
|
artifex
|
ghostscript
|
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal.
|
CWE-22
Path Traversal
|
CVE-2024-46954
|
2024-11-14 10:58 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
980
|
5.5 |
MEDIUM
Local
|
artifex debian suse
|
ghostscript debian_linux linux_enterprise_high_performance_computing linux_enterprise_server linux_enterprise_server_for_sap
|
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.
|
CWE-125
Out-of-bounds Read
|
CVE-2024-46955
|
2024-11-14 10:53 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|