|
1971
|
5.5 |
MEDIUM
Local
|
apple
|
macos
ipados
iphone_os
|
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in iOS 17.7 and iPadOS 17.7, macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able t…
|
NVD-CWE-noinfo
|
CVE-2024-40844
|
2024-09-25 00:55 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1972
|
7.5 |
HIGH
Adjacent
|
canonical
|
anbox_cloud
|
Anbox Management Service, in versions 1.17.0 through 1.23.0, does not validate the TLS certificate provided to it by the Anbox Stream Agent. An attacker must be able to machine-in-the-middle the Anbo…
|
CWE-295
Improper Certificate Validation
|
CVE-2024-8287
|
2024-09-25 00:52 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1973
|
5.5 |
MEDIUM
Local
|
apple
|
macos
ipados
iphone_os
|
This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 17.7 and iPadOS 17.7, macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. A shortcut may out…
|
NVD-CWE-noinfo
|
CVE-2024-44158
|
2024-09-25 00:50 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1974
|
5.5 |
MEDIUM
Local
|
apple
|
macos
iphone_os
ipados
visionos
watchos
tvos
|
An integer overflow was addressed through improved input validation. This issue is fixed in visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-44198
|
2024-09-25 00:45 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1975
|
3.3 |
LOW
Local
|
apple
|
macos
ipados
iphone_os
|
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-40791
|
2024-09-25 00:44 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1976
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access protected user data.
|
NVD-CWE-noinfo
|
CVE-2024-40801
|
2024-09-25 00:43 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1977
|
5.5 |
MEDIUM
Local
|
apple
|
macos
ipados
iphone_os
visionos
watchos
tvos
|
A file access issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, …
|
NVD-CWE-noinfo
|
CVE-2024-40850
|
2024-09-25 00:41 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1978
|
6.1 |
MEDIUM
Network
|
dedecms
|
dedecms
|
DedeCMS 5.7.115 is vulnerable to Cross Site Scripting (XSS) via the advertisement code box in the advertisement management module.
|
CWE-79
Cross-site Scripting
|
CVE-2024-46372
|
2024-09-25 00:40 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1979
|
7.5 |
HIGH
Network
draytek
|
vigor3910_firmware
|
Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the ssidencrypt%d parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a craft…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46590
|
2024-09-25 00:23 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1980
|
6.5 |
MEDIUM
Network
|
acquia
|
mautic
|
Prior to the patched version, logged in users of Mautic are able to access areas of the application that they should be prevented from accessing.
Users could potentially access sensitive data such a…
|
CWE-276
Incorrect Default Permissions
|
CVE-2022-25776
|
2024-09-25 00:19 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
