1841
|
6.5 |
MEDIUM
Network
|
redhat infinispan
|
data_grid jboss_data_grid jboss_enterprise_application_platform infinispan
|
A flaw was found in Infinispan's REST, Cache retrieval endpoints do not properly evaluate the necessary admin permissions for the operation. This issue could allow an authenticated user to access inf…
|
NVD-CWE-Other
|
CVE-2023-3629
|
2024-09-16 23:15 |
2023-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1842
|
6.5 |
MEDIUM
Network
|
redhat infinispan
|
jboss_data_grid jboss_enterprise_application_platform data_grid infinispan
|
A flaw was found in Infinispan's REST. Bulk read endpoints do not properly evaluate user permissions for the operation. This issue could allow an authenticated user to access information outside of t…
|
NVD-CWE-Other
|
CVE-2023-3628
|
2024-09-16 23:15 |
2023-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1843
|
5.9 |
MEDIUM
Network
|
gnu redhat fedoraproject
|
glibc enterprise_linux enterprise_linux_eus enterprise_linux_server_aus enterprise_linux_for_power_little_endian enterprise_linux_for_power_little_endian_eus enterprise_linux_for_ib…
|
A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS…
|
CWE-416
Use After Free
|
CVE-2023-4806
|
2024-09-16 23:15 |
2023-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1844
|
6.5 |
MEDIUM
Network
|
gnu redhat fedoraproject netapp
|
glibc enterprise_linux enterprise_linux_eus enterprise_linux_server_aus enterprise_linux_for_power_little_endian enterprise_linux_for_power_little_endian_eus enterprise_linux_for_ib…
|
A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger…
|
CWE-125
Out-of-bounds Read
|
CVE-2023-4527
|
2024-09-16 23:15 |
2023-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1845
|
5.9 |
MEDIUM
Network
|
gnu redhat fedoraproject netapp
|
glibc enterprise_linux enterprise_linux_server_tus enterprise_linux_eus enterprise_linux_server_aus enterprise_linux_for_power_little_endian enterprise_linux_for_power_little_endian…
|
A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo …
|
CWE-416
Use After Free
|
CVE-2023-4813
|
2024-09-16 23:15 |
2023-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1846
|
2.7 |
LOW
Network
|
sap
|
netweaver_application_server_abap
|
Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker logged in as a developer to read objects contained in a package. This causes an impa…
|
CWE-862
Missing Authorization
|
CVE-2024-41728
|
2024-09-16 23:14 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1847
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
thermal/drivers/mediatek/lvts_thermal: Check NULL ptr on lvts_data
Verify that lvts_data is not NULL before using it.
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-42144
|
2024-09-16 23:12 |
2024-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1848
|
8.8 |
HIGH
Network
|
themify
|
ultra
|
Deserialization of Untrusted Data vulnerability in Themify Themify Ultra.This issue affects Themify Ultra: from n/a through 7.3.5.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2023-46147
|
2024-09-16 23:11 |
2023-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1849
|
2.7 |
LOW
Network
|
sap
|
netweaver_application_server_abap
|
SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to execute a program that reveals data over the network. This results in a minimal impact on confidentiali…
|
CWE-863
Incorrect Authorization
|
CVE-2024-44114
|
2024-09-16 23:09 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1850
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot
Commit 272970be3dab ("Bluetooth: hci_qca: Fix driver sh…
|
NVD-CWE-noinfo
|
CVE-2024-42137
|
2024-09-16 23:01 |
2024-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|