1921
|
5.5 |
MEDIUM
Local
|
acronis
|
snap_deploy
|
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 4569.
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-34018
|
2024-09-13 02:17 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1922
|
7.3 |
HIGH
Local
|
acronis
|
snap_deploy
|
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy (Windows) before build 4569.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-34017
|
2024-09-13 02:16 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1923
|
- |
|
-
|
-
|
An improper authorization flaw exists in the Ansible Automation Controller. This flaw allows an attacker using the k8S API server to send an HTTP request with a service account token mounted via `aut…
|
CWE-285
Improper Authorization
|
CVE-2024-6840
|
2024-09-13 02:15 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1924
|
8.8 |
HIGH
Network
|
phpgurukul
|
job_portal
|
File upload restriction bypass vulnerability in PHPGurukul Job Portal 1.0, the exploitation of which could allow an authenticated user to execute an RCE via webshell.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-8463
|
2024-09-13 02:15 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1925
|
5.5 |
MEDIUM
Local
|
artifex
|
mupdf
|
In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote attackers to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg f…
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-19882
|
2024-09-13 02:15 |
2018-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1926
|
5.5 |
MEDIUM
Local
|
artifex debian
|
mupdf debian_linux
|
In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2018-19777
|
2024-09-13 02:15 |
2018-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1927
|
5.5 |
MEDIUM
Local
|
artifex
|
mupdf
|
There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-18662
|
2024-09-13 02:15 |
2018-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1928
|
5.5 |
MEDIUM
Local
|
artifex
|
mupdf
|
In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-dev…
|
CWE-129
Improper Validation of Array Index
|
CVE-2018-16648
|
2024-09-13 02:15 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1929
|
5.5 |
MEDIUM
Local
|
artifex
|
mupdf
|
In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pd…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-16647
|
2024-09-13 02:15 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1930
|
5.5 |
MEDIUM
Local
|
artifex debian
|
mupdf debian_linux
|
In Artifex MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service (memory leak) via a crafted file.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2018-1000036
|
2024-09-13 02:15 |
2018-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|