2401
|
6.5 |
MEDIUM
Network
|
openstack
|
nova glance cinder
|
An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom QCOW2 external data. By supplying a crafted QCOW2 …
|
NVD-CWE-noinfo
|
CVE-2024-32498
|
2024-09-24 01:15 |
2024-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2402
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fou: Fix null-ptr-deref in GRO.
We observed a null-ptr-deref in fou_gro_receive() while shutting down
a host. [0]
The NULL poin…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46763
|
2024-09-24 01:14 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2403
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ice: Add netif_device_attach/detach into PF reset flow
Ethtool callbacks can be executed while reset is in progress and try to
ac…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46770
|
2024-09-24 01:13 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2404
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
xen: privcmd: Fix possible access to a freed kirqfd instance
Nothing prevents simultaneous ioctl calls to privcmd_irqfd_assign() …
|
CWE-416
Use After Free
|
CVE-2024-46762
|
2024-09-24 01:12 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2405
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv
The hotplug driver for powerpc (pci/hotplug/pnv_php.c) causes a kernel
c…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46761
|
2024-09-24 01:06 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2406
|
5.3 |
MEDIUM
Network
nasirkhan
|
laravel_starter
|
A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /forgot-password of the compone…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-6056
|
2024-09-24 01:04 |
2024-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2407
|
- |
|
-
|
-
|
The authentication system of Securepoint UTM mishandles OTP keys. This allows the bypassing of second-factor verification (when OTP is enabled) in both the administration web interface and the user p…
|
-
|
CVE-2024-39340
|
2024-09-24 00:15 |
2024-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2408
|
8.8 |
HIGH
Network
|
lunary
|
lunary
|
An Insecure Direct Object Reference (IDOR) vulnerability was identified in lunary-ai/lunary, affecting versions up to and including 1.2.2. This vulnerability allows unauthorized users to view, update…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-5128
|
2024-09-24 00:11 |
2024-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2409
|
7.8 |
HIGH
Local
|
microsoft
|
windows_server_2008 windows_server_2012 windows_10_1809 windows_server_2019 windows_server_2022 windows_11_21h2 windows_10_21h2 windows_11_22h2 windows_10_22h2 windows_11_2…
|
Windows Security Zone Mapping Security Feature Bypass Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-30073
|
2024-09-24 00:08 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2410
|
5.5 |
MEDIUM
Local
|
intel
|
raid_web_console
|
Improper access control in Intel(R) RAID Web Console all versions may allow an authenticated user to potentially enable information disclosure via local access.
|
NVD-CWE-noinfo
|
CVE-2024-28170
|
2024-09-23 23:49 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|