2371
|
4.3 |
MEDIUM
Network
|
jetbrains
|
youtrack
|
In JetBrains YouTrack before 2024.3.44799 user without appropriate permissions could restore workflows attached to a project
|
CWE-863
Incorrect Authorization
|
CVE-2024-47159
|
2024-09-25 03:09 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2372
|
7.8 |
HIGH
Local
|
samsung
|
exynos_1480_firmware exynos_2400_firmware
|
An issue was discovered in Samsung Mobile Processor Exynos 1480, Exynos 2400. The xclipse amdgpu driver has a reference count bug. This can lead to a use after free.
|
CWE-416
Use After Free
|
CVE-2024-31960
|
2024-09-25 03:08 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2373
|
5.3 |
MEDIUM
Network
jetbrains
|
youtrack
|
In JetBrains YouTrack before 2024.3.44799 access to global app config data without appropriate permissions was possible
|
CWE-863
Incorrect Authorization
|
CVE-2024-47160
|
2024-09-25 03:03 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2374
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data.
|
NVD-CWE-noinfo
|
CVE-2024-44186
|
2024-09-25 03:03 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2375
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A path handling issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to read arbitrary files.
|
CWE-22
Path Traversal
|
CVE-2024-44190
|
2024-09-25 03:02 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2376
|
5.3 |
MEDIUM
Network
jetbrains
|
youtrack
|
In JetBrains YouTrack before 2024.3.44799 token could be revealed on Imports page
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2024-47162
|
2024-09-25 02:57 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2377
|
8.8 |
HIGH
Adjacent
|
sonos
|
era_100_firmware
|
Sonos Era 100 SMB2 Message Handling Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Son…
|
CWE-416
Use After Free
|
CVE-2024-5269
|
2024-09-25 02:50 |
2024-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2378
|
8.2 |
HIGH
Local
|
dell
|
xps_8960_firmware xps_8950_firmware inspiron_3502_firmware inspiron_15_3521_firmware inspiron_15_3510_firmware aurora_r16_firmware alienware_x17_r2_firmware alienware_x17_r1_firm…
|
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnera…
|
NVD-CWE-noinfo
|
CVE-2024-32858
|
2024-09-25 02:45 |
2024-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2379
|
6.0 |
MEDIUM
Local
|
dell
|
xps_8960_firmware xps_8950_firmware inspiron_3502_firmware inspiron_15_3521_firmware inspiron_15_3510_firmware aurora_r16_firmware alienware_x17_r2_firmware alienware_x17_r1_firm…
|
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnera…
|
NVD-CWE-noinfo
|
CVE-2024-32856
|
2024-09-25 02:24 |
2024-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2380
|
8.8 |
HIGH
Network
|
moxa
|
oncell_g3470a-lte-eu-t_firmware oncell_g3470a-lte-eu_firmware oncell_g3470a-lte-us_firmware oncell_g3470a-lte-us-t_firmware
|
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to a lack of neutralized inputs in the web key upload function. An attacker could modify the intende…
|
CWE-77
Command Injection
|
CVE-2024-4638
|
2024-09-25 02:13 |
2024-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|