1111
|
7.8 |
HIGH
Local
|
grafana
|
agent
|
Unquoted Search Path or Element vulnerability in Grafana Agent (Flow mode) on Windows allows Privilege Escalation from Local User to SYSTEM
This issue affects Agent Flow: before 0.43.2
|
CWE-428
Unquoted Search Path or Element
|
CVE-2024-8996
|
2024-10-2 04:16 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1112
|
- |
|
-
|
-
|
A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with …
|
CWE-1288
Improper Validation of Consistency within Input
|
CVE-2024-5953
|
2024-10-2 04:15 |
2024-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1113
|
- |
|
-
|
-
|
A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service
|
-
|
CVE-2024-3657
|
2024-10-2 04:15 |
2024-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1114
|
- |
|
-
|
-
|
A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2024-1062
|
2024-10-2 04:15 |
2024-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1115
|
7.5 |
HIGH
Network
openslides
|
openslides
|
OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords.
|
CWE-326
Inadequate Encryption Strength
|
CVE-2024-22892
|
2024-10-2 04:10 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1116
|
6.5 |
MEDIUM
Network
|
ihedvall
|
mdf_library
|
Library MDF (mdflib) v2.1 is vulnerable to a heap-based buffer overread via a crafted mdf4 file is parsed using the ReadData function
|
CWE-787
Out-of-bounds Write
|
CVE-2024-41445
|
2024-10-2 04:03 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1117
|
5.5 |
MEDIUM
Local
|
devolutions
|
remote_desktop_manager
|
An information exposure in Devolutions Remote Desktop Manager 2024.2.20.0 and earlier on Windows allows local attackers with access to system logs to obtain session credentials via passwords included…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-7421
|
2024-10-2 03:36 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1118
|
6.5 |
MEDIUM
Local
|
linuxfoundation mediatek google linux
|
yocto iot_yocto android linux_kernel
|
In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interacti…
|
CWE-787
Out-of-bounds Write
|
CVE-2023-20850
|
2024-10-2 03:35 |
2023-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1119
|
9.8 |
CRITICAL
Network
meshtastic
|
meshtastic_firmware
|
Meshtastic is an open source, off-grid, decentralized, mesh network. Meshtastic uses MQTT to communicate over an internet connection to a shared or private MQTT Server. Nodes can communicate directly…
|
CWE-863
Incorrect Authorization
|
CVE-2024-47078
|
2024-10-2 03:29 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1120
|
9.8 |
CRITICAL
Network
ptzoptics
|
pt30x-sdi_firmware pt30x-ndi-xx-g2_firmware
|
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntp_addr configuration value which may lead to arbitrar…
|
CWE-78
OS Command
|
CVE-2024-8957
|
2024-10-2 02:49 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|