1541
|
8.8 |
HIGH
Network
|
google microsoft
|
chrome edge_chromium
|
Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7965
|
2024-09-18 21:40 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1542
|
9.1 |
CRITICAL
Network
mit debian
|
kerberos_5 debian_linux
|
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.
|
NVD-CWE-Other
|
CVE-2024-37371
|
2024-09-18 21:39 |
2024-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1543
|
5.3 |
MEDIUM
Network
redhat
|
service_interconnect
|
A flaw was found in Skupper. When Skupper is initialized with the console-enabled and with console-auth set to Openshift, it configures the openshift oauth-proxy with a static cookie-secret. In certa…
|
CWE-287
Improper Authentication
|
CVE-2024-6535
|
2024-09-18 18:15 |
2024-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1544
|
7.5 |
HIGH
Network
freedesktop redhat
|
poppler enterprise_linux
|
A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to c…
|
NVD-CWE-noinfo
|
CVE-2024-6239
|
2024-09-18 18:15 |
2024-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1545
|
7.4 |
HIGH
Local
|
redhat fedoraproject
|
shim fedora
|
A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value …
|
CWE-787 CWE-190
Out-of-bounds Write Integer Overflow or Wraparound
|
CVE-2023-40548
|
2024-09-18 18:15 |
2024-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1546
|
7.5 |
HIGH
Network
devolutions
|
devolutions_server
|
Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and ealier allows an attack with permission to manage PAM propagation scripts to retrieve passwords stored in it vi…
|
NVD-CWE-Other
|
CVE-2023-5240
|
2024-09-18 17:35 |
2023-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1547
|
7.5 |
HIGH
Network
octopus
|
octopus_server
|
In affected versions of Octopus Server it is possible for the OpenID client secret to be logged in clear text during the configuration of Octopus Server.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2023-1904
|
2024-09-18 17:15 |
2023-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1548
|
8.8 |
HIGH
Network
|
redhat
|
openshift_data_science openshift_ai
|
A vulnerability was found in OpenShift AI that allows for authentication bypass and privilege escalation across models within the same namespace. When deploying AI models, the UI provides the option …
|
NVD-CWE-Other
|
CVE-2024-7557
|
2024-09-18 16:15 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1549
|
6.5 |
MEDIUM
Network
|
samba
|
samba
|
A heap-based Buffer Overflow flaw was discovered in Samba. It could allow a remote, authenticated attacker to exploit this vulnerability to cause a denial of service.
|
CWE-787
Out-of-bounds Write
|
CVE-2023-5568
|
2024-09-18 14:15 |
2023-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1550
|
5.4 |
MEDIUM
Network
|
peregrine-themes
|
bloglo
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in peregrinethemes Bloglo, peregrinethemes Blogvi allows Stored XSS.This issue affects Bloglo…
|
CWE-79
Cross-site Scripting
|
CVE-2024-35715
|
2024-09-18 09:15 |
2024-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|