1871
|
6.3 |
MEDIUM
Network
|
adobe
|
commerce magento
|
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features a…
|
CWE-352
Origin Validation Error
|
CVE-2024-39409
|
2024-09-16 22:15 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1872
|
6.3 |
MEDIUM
Network
|
adobe
|
commerce magento
|
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features a…
|
CWE-352
Origin Validation Error
|
CVE-2024-39408
|
2024-09-16 22:15 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1873
|
3.5 |
LOW
Network
|
adobe
|
experience_manager
|
Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation vulnerability that could lead to a security feature bypass. A low-privileged attacker could leverage …
|
NVD-CWE-noinfo
|
CVE-2024-41839
|
2024-09-16 22:15 |
2024-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1874
|
7.5 |
HIGH
Network
gnu fedoraproject netapp debian
|
gnutls fedora active_iq_unified_manager debian_linux
|
A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certifi…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2024-0567
|
2024-09-16 22:15 |
2024-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1875
|
7.5 |
HIGH
Network
gnu fedoraproject redhat
|
gnutls fedora enterprise_linux
|
A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issu…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-0553
|
2024-09-16 22:15 |
2024-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1876
|
5.9 |
MEDIUM
Network
|
gnu redhat fedoraproject
|
gnutls linux fedora
|
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2023-5981
|
2024-09-16 22:15 |
2023-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1877
|
5.5 |
MEDIUM
Local
|
libtiff fedoraproject redhat
|
libtiff fedora enterprise_linux
|
A memory leak flaw was found in Libtiff's tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to pass a crafted TIFF image file to tiffcrop utility, …
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2023-3576
|
2024-09-16 22:15 |
2023-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1878
|
4.7 |
MEDIUM
Local
|
linux redhat debian fedoraproject
|
linux_kernel enterprise_linux debian_linux fedora
|
A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wron…
|
CWE-362
Race Condition
|
CVE-2023-42756
|
2024-09-16 22:15 |
2023-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1879
|
7.8 |
HIGH
Local
|
linux fedoraproject redhat debian
|
linux_kernel fedora enterprise_linux enterprise_linux_for_real_time_for_nfv enterprise_linux_for_real_time enterprise_linux_server_aus enterprise_linux_eus debian_linux
|
A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the sy…
|
CWE-416
Use After Free
|
CVE-2023-4147
|
2024-09-16 22:15 |
2023-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1880
|
5.5 |
MEDIUM
Local
|
artifex redhat fedoraproject debian
|
ghostscript enterprise_linux fedora debian_linux
|
A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file f…
|
CWE-120
Classic Buffer Overflow
|
CVE-2023-38559
|
2024-09-16 22:15 |
2023-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|