|
1851
|
7.8 |
HIGH
Local
|
qnap
|
qts
quts_hero
|
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local network users to execute commands via unspe…
|
CWE-78
CWE-77
OS Command
Command Injection
|
CVE-2024-38641
|
2024-09-16 21:35 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1852
|
7.8 |
HIGH
Local
|
qnap
|
qumagie
|
An improper certificate validation vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow local network users to compromise the security of the system via unsp…
|
CWE-295
Improper Certificate Validation
|
CVE-2024-38642
|
2024-09-16 21:33 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1853
|
5.4 |
MEDIUM
Network
|
qnap
|
download_station
|
A cross-site scripting (XSS) vulnerability has been reported to affect Download Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.
We ha…
|
CWE-79
Cross-site Scripting
|
CVE-2024-38640
|
2024-09-16 21:27 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1854
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
vsock: fix recursive ->recvmsg calls
After a vsock socket has been added to a BPF sockmap, its prot->recvmsg
has been replaced wi…
|
CWE-674
Uncontrolled Recursion
|
CVE-2024-44996
|
2024-09-16 21:21 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1855
|
5.5 |
MEDIUM
Local
|
adobe
|
illustrator
|
Illustrator versions 28.5, 27.9.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to b…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-34134
|
2024-09-16 21:15 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1856
|
7.7 |
HIGH
Network
|
adobe
|
commerce
magento
|
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could l…
|
CWE-22
Path Traversal
|
CVE-2024-39406
|
2024-09-16 21:15 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1857
|
5.5 |
MEDIUM
Local
|
adobe
|
acrobat
|
Acrobat for Edge versions 126.0.2592.81 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerabilit…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-39379
|
2024-09-16 21:15 |
2024-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1858
|
9.8 |
CRITICAL
Network
rockwellautomation
|
thinserver
thinmanager
|
Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke SQL injection into the program and cause a remote code execution condition on the Rockwell …
|
NVD-CWE-noinfo
|
CVE-2024-5989
|
2024-09-16 21:08 |
2024-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1859
|
9.8 |
CRITICAL
Network
rockwellautomation
|
thinserver
thinmanager
|
Due to an improper input validation, an unauthenticated threat actor can send a malicious message to invoke a local or remote executable and cause a remote code execution condition on the Rockwell Au…
|
NVD-CWE-noinfo
|
CVE-2024-5988
|
2024-09-16 21:07 |
2024-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1860
|
7.5 |
HIGH
Network
rockwellautomation
|
thinserver
thinmanager
|
Due to an improper input validation, an unauthenticated threat actor can send a malicious message to a monitor thread within Rockwell Automation ThinServer™ and cause a denial-of-service condition on…
|
NVD-CWE-noinfo
|
CVE-2024-5990
|
2024-09-16 20:58 |
2024-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
