2101
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A privacy issue was addressed by removing sensitive data. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access user-sensitive data.
|
NVD-CWE-noinfo
|
CVE-2024-44177
|
2024-09-25 01:28 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2102
|
7.7 |
HIGH
Network
|
tuzitio
|
camaleon_cms
|
Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. A path traversal vulnerability accessible via MediaController's download_private_file method allows authentica…
|
CWE-22
Path Traversal
|
CVE-2024-46987
|
2024-09-25 01:27 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2103
|
4.6 |
MEDIUM
Physics
|
apple
|
ipados iphone_os watchos
|
This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, watchOS 11. An attacker with physical access to a locked device may …
|
NVD-CWE-noinfo
|
CVE-2024-44171
|
2024-09-25 01:22 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2104
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to modify protected parts of the fil…
|
NVD-CWE-noinfo
|
CVE-2024-44151
|
2024-09-25 01:21 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2105
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
The issue was addressed with improved permissions logic. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access user-sensitive data.
|
NVD-CWE-noinfo
|
CVE-2024-44153
|
2024-09-25 01:19 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2106
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted file may lead to unexpected app…
|
NVD-CWE-noinfo
|
CVE-2024-44154
|
2024-09-25 01:16 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2107
|
8.8 |
HIGH
Network
|
totolink
|
t10_firmware
|
A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation o…
|
CWE-78
OS Command
|
CVE-2024-9001
|
2024-09-25 01:14 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2108
|
10.0 |
CRITICAL
Network
apple
|
macos
|
A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sandbox.
|
NVD-CWE-noinfo
|
CVE-2024-44146
|
2024-09-25 01:14 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2109
|
10.0 |
CRITICAL
Network
apple
|
macos
|
This issue was addressed with improved validation of file attributes. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sandbox.
|
NVD-CWE-noinfo
|
CVE-2024-44148
|
2024-09-25 01:09 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2110
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ASoC: Intel: Boards: Fix NULL pointer deref in BYT/CHT boards harder
Since commit 13f58267cda3 ("ASoC: soc.h: don't create dummy …
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46793
|
2024-09-25 01:00 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|