1811
|
3.3 |
LOW
Local
|
apple
|
macos
|
A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Sequoia 15. A malicious app may be able to access notifications from the user's device.
|
NVD-CWE-noinfo
|
CVE-2024-40838
|
2024-09-26 01:46 |
2024-09-17 |
|
1812
|
6.5 |
MEDIUM
Network
|
zitadel
|
zitadel
|
Zitadel is an open source identity management platform. In Zitadel, even after an organization is deactivated, associated projects, respectively their applications remain active. Users across other o…
|
CWE-863
Incorrect Authorization
|
CVE-2024-47060
|
2024-09-26 01:43 |
2024-09-20 |
|
1813
|
8.8 |
HIGH
Network
|
code4recovery
|
12_step_meeting_list
|
Missing Authorization vulnerability in Code for Recovery 12 Step Meeting List. This issue affects 12 Step Meeting List: from n/a through 3.14.28.
|
CWE-862
Missing Authorization
|
CVE-2024-22296
|
2024-09-26 01:36 |
2024-06-10 |
|
1814
|
8.8 |
HIGH
Network
|
windriver
|
vxworks
|
An issue was discovered in Wind River VxWorks 6.9 and 7. The function ``tarExtract`` implements TAR file extraction and thereby also processes files within an archive that have relative or absolute f…
|
CWE-22
Path Traversal
|
CVE-2023-38346
|
2024-09-26 01:35 |
2023-09-23 |
|
1815
|
9.8 |
CRITICAL
Network
|
withsecure
|
f-secure_policy_manager policy_manager_proxy
|
Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server (backend). This affects WithSecure Policy Manager 15 and Policy Manager Proxy 15.
|
NVD-CWE-noinfo
|
CVE-2023-43762
|
2024-09-26 01:35 |
2023-09-22 |
|
1816
|
- |
|
phphoo3
|
phphoo3
|
Multiple SQL injection vulnerabilities in admin.php in phpHoo3 allow remote attackers to execute arbitrary SQL commands via the (1) ADMIN_USER (USER) and (2) ADMIN_PASS (PASS) parameters during a log…
|
NVD-CWE-Other
|
CVE-2007-2534
|
2024-09-26 01:35 |
2007-05-9 |
|
1817
|
8.1 |
HIGH
Network
|
redhat
|
enterprise_linux enterprise_linux_aus enterprise_linux_tus enterprise_linux_eus enterprise_linux_update_services_for_sap_solutions
|
A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attac…
|
CWE-916
Use of Password Hash With Insufficient Computational Effort
|
CVE-2024-3183
|
2024-09-26 01:29 |
2024-06-12 |
|
1818
|
5.5 |
MEDIUM
Local
|
gpac
|
gpac
|
A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this vulnerability is the function isoffin_process of the file src/filters/isoffin_r…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2024-6061
|
2024-09-26 01:16 |
2024-06-18 |
|
1819
|
- |
|
-
|
-
|
Concrete CMS versions 9.0.0 to 9.3.3 and below 8.5.19 are vulnerable to Stored XSS in the "Next&Previous Nav" block. A rogue administrator could add a malicious payload by executing it in the browse…
|
-
|
CVE-2024-8661
|
2024-09-26 01:15 |
2024-09-17 |
|
1820
|
- |
|
-
|
-
|
In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation directory during migration of allocati…
|
-
|
CVE-2024-7625
|
2024-09-26 01:15 |
2024-08-15 |
|