121
|
8.8 |
HIGH
Network
|
microsoft
|
sql_2016_azure_connect_feature_pack sql_server_2016 sql_server_2017 sql_server_2019 sql_server_2022
|
Microsoft SQL Server Native Scoring Remote Code Execution Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-26186
|
2024-09-24 01:48 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
122
|
4.4 |
MEDIUM
Local
|
codesys
|
oscat_basic_library
|
Out-of-Bounds read vulnerability in OSCAT Basic Library allows an local, unprivileged attacker to access limited internal data of the PLC which may lead to a crash of the affected service.
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2024-6876
|
2024-09-24 01:45 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
123
|
9.8 |
CRITICAL
Network
microsoft
|
sql_server_2016 sql_server_2017 sql_server_2019 sql_server_2022 sql_2016_azure_connect_feature_pack
|
Microsoft SQL Server Elevation of Privilege Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-37341
|
2024-09-24 01:38 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
124
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/imagination: Free pvr_vm_gpuva after unlink
This caused a measurable memory leak. Although the individual
allocations are sma…
Update
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-46779
|
2024-09-24 01:37 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
125
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: fix missing cleanup on rollforward recovery error
In an error injection test of a routine for mount-time recovery, KASAN
…
Update
|
CWE-416
Use After Free
|
CVE-2024-46781
|
2024-09-24 01:37 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
126
|
- |
|
-
|
-
|
An issue was discovered in vesoft NebulaGraph through 3.8.0. It allows shell command injection.
New
|
-
|
CVE-2024-47219
|
2024-09-24 01:35 |
2024-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
127
|
- |
|
-
|
-
|
An issue was discovered in vesoft NebulaGraph through 3.8.0. It allows bypassing authentication.
New
|
-
|
CVE-2024-47218
|
2024-09-24 01:35 |
2024-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
128
|
- |
|
-
|
-
|
Gladys Assistant before 4.45.1 allows Privilege Escalation (a user changing their own role) because req.body.role can be used in updateMySelf in server/api/controllers/user.controller.js.
New
|
-
|
CVE-2024-47210
|
2024-09-24 01:35 |
2024-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
129
|
- |
|
-
|
-
|
SnakeYaml Deser Load Malicious xml rce vulnerability in Apache HertzBeat (incubating).
This vulnerability can only be exploited by authorized attackers.
This issue affects Apache HertzBeat (incubat…
New
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-42323
|
2024-09-24 01:35 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
130
|
- |
|
-
|
-
|
SeaCMS 13.2 has a remote code execution vulnerability located in the file sql.class.chp. Although the system has a check function, the check function is not executed during execution, allowing remote…
Update
|
-
|
CVE-2024-46640
|
2024-09-24 01:35 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|