471
|
8.3 |
HIGH
Network
|
nvidia
|
nvidia_container_toolkit nvidia_gpu_operator
|
NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain acces…
Update
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2024-0132
|
2024-10-2 23:45 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
472
|
3.4 |
LOW
Network
|
nvidia
|
nvidia_container_toolkit nvidia_gpu_operator
|
NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. This d…
Update
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2024-0133
|
2024-10-2 23:43 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
473
|
7.5 |
HIGH
Network
rockwellautomation
|
5015-u8ihft_firmware
|
CVE-2024-45825 IMPACT
A denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a m…
Update
|
NVD-CWE-noinfo
|
CVE-2024-45825
|
2024-10-2 23:43 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
474
|
- |
|
-
|
-
|
Tonic is a native gRPC client & server implementation with async/await support. When using tonic::transport::Server there is a remote DoS attack that can cause the server to exit cleanly on accepting…
New
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2024-47609
|
2024-10-2 23:35 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
475
|
8.8 |
HIGH
Network
|
rockwellautomation
|
thinmanager
|
CVE-2024-45826 IMPACT
Due to improper input validation, a path traversal and remote code execution vulnerability exists when the ThinManager® processes a crafted POST request. If exploited, a user ca…
Update
|
CWE-610
Externally Controlled Reference to a Resource in Another Sphere
|
CVE-2024-45826
|
2024-10-2 23:35 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
476
|
7.5 |
HIGH
Network
clibomanager
|
clibo_manager
|
Rate limit vulnerability in Clibo Manager v1.1.9.2 that could allow an attacker to send a large number of emails to the victim in a short time, affecting availability and leading to a denial of servi…
Update
|
NVD-CWE-Other
|
CVE-2024-9199
|
2024-10-2 23:33 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
477
|
5.4 |
MEDIUM
Network
|
clibomanager
|
clibo_manager
|
Vulnerability in Clibo Manager v1.1.9.1 that could allow an attacker to execute an stored Cross-Site Scripting (stored XSS ) by uploading a malicious .svg image in the section: Profile > Profile pict…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9198
|
2024-10-2 23:33 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
478
|
4.8 |
MEDIUM
Network
|
radiustheme
|
the_post_grid
|
The Post Grid WordPress plugin before 7.5.0 does not sanitise and escape some of its Grid settings, which could allow high privilege users such as Editor and above to perform Stored Cross-Site Scrip…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-3635
|
2024-10-2 23:30 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
479
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
iommufd: Require drivers to supply the cache_invalidate_user ops
If drivers don't do this then iommufd will oops invalidation ioc…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46824
|
2024-10-2 23:29 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
480
|
8.1 |
HIGH
Network
|
acquia
|
mautic
|
Prior to the patched version, logged in users of Mautic are vulnerable to Relative Path Traversal/Arbitrary File Deletion. Regardless of the level of access the Mautic user had, they could delete fil…
Update
|
CWE-22
Path Traversal
|
CVE-2021-27916
|
2024-10-2 23:29 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|