| 1531 | 7.8 | HIGH | Local | google | android | In ppmp_protect_mfcfw_buf of code/drm_fw.c, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with no additional execution privi… | CWE-787 Out-of-bounds Write | CVE-2024-44094 | 2024-09-18 22:37 | 2024-09-14 |
| 1532 | 7.8 | HIGH | Local | google | android | In ppmp_protect_mfcfw_buf of code/drm_fw.c, there is a possible corrupt memory due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileg… | CWE-787 Out-of-bounds Write | CVE-2024-44095 | 2024-09-18 22:34 | 2024-09-14 |
| 1533 | 4.4 | MEDIUM | Local | google | android | there is a possible arbitrary read due to an insecure default value. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploi… | CWE-1188 Insecure Default Initialization of Resource | CVE-2024-44096 | 2024-09-18 22:33 | 2024-09-14 |
| 1534 | 7.5 | HIGH | Network | ibm | datacap | IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 temporarily stores data from different environments that could be obtained by a malicious user. IBM X-Force ID: 295791. | CWE-312 Cleartext Storage of Sensitive Information | CVE-2024-39732 | 2024-09-18 22:15 | 2024-07-14 |
| 1535 | 4.4 | MEDIUM | Local | dell | vostro_5502_firmware vostro_5402_firmware precision_3660_firmware inspiron_5509_firmware inspiron_5502_firmware inspiron_5409_firmware inspiron_5402_firmware inspiron_27_7720_all… | Dell Client BIOS contains an Out-of-bounds Write vulnerability. A local authenticated malicious user with admin privileges could potentially exploit this vulnerability, leading to platform denial of … | CWE-787 Out-of-bounds Write | CVE-2024-28970 | 2024-09-18 22:04 | 2024-06-12 |
| 1536 | 7.5 | HIGH | Network | argoproj | argo_cd | Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The vulnerability allows unauthorized access to the sensitive settings exposed by /api/v1/settings endpoint without authenti… | CWE-306 Missing Authentication for Critical Function | CVE-2024-37152 | 2024-09-18 21:51 | 2024-06-7 |
| 1537 | 4.3 | MEDIUM | Network | ibm | datacap | IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a h… | CWE-565 Reliance on Cookies without Validation and Integrity Checking | CVE-2024-39734 | 2024-09-18 21:50 | 2024-07-14 |
| 1538 | 7.5 | HIGH | Network | gitlab | gitlab | ReDoS flaw in RefMatcher when matching branch names using wildcards in GitLab EE/CE affecting all versions from 11.3 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allows denial of s… | CWE-1333 Inefficient Regular Expression Complexity | CVE-2024-2800 | 2024-09-18 21:42 | 2024-08-8 |
| 1539 | 7.5 | HIGH | Network | oneflow | oneflow | An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via inputting a negative value into the oneflow.index_select parameter. | NVD-CWE-noinfo | CVE-2024-36745 | 2024-09-18 21:42 | 2024-06-7 |
| 1540 | 5.4 | MEDIUM | Network | gitlab | gitlab | A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 5.1 prior 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2. When view… | CWE-79 Cross-site Scripting | CVE-2024-4207 | 2024-09-18 21:41 | 2024-08-8 |