281
|
- |
|
-
|
-
|
An arbitrary file read vulnerability in Adguard Home before v0.107.52 allows authenticated attackers to access arbitrary files as root on the underlying Operating System via placing a crafted file in…
New
|
-
|
CVE-2024-36814
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
282
|
- |
|
-
|
-
|
Improper check for unusual or exceptional conditions in Intel(R) TDX Module firmware before version 1.5.06 may allow a privileged user to potentially enable information disclosure via local access.
New
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2024-27457
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
283
|
- |
|
-
|
-
|
TYPO3 is a free and open source Content Management Framework. Backend users could see items in the backend page tree without having access if the mounts pointed to pages restricted for their user/gro…
New
|
CWE-863
Incorrect Authorization
|
CVE-2024-47780
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
284
|
- |
|
-
|
-
|
Discourse is an open source platform for community discussion. An attacker can make several XHR requests until the cache is poisoned with a response without any preloaded data. This issue only affect…
New
|
CWE-610
Externally Controlled Reference to a Resource in Another Sphere
|
CVE-2024-47773
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
285
|
- |
|
-
|
-
|
Insecure permissions in the Bluetooth Low Energy (BLE) component of Fire-Boltt Artillery Smart Watch NJ-R6E-10.3 allow attackers to cause a Denial of Service (DoS).
New
|
-
|
CVE-2024-46539
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
286
|
- |
|
-
|
-
|
PublicCMS V4.0.202406.d was discovered to contain a cross-site scripting (XSS) vulnerability via a crafted script to the Category Managment feature
New
|
-
|
CVE-2024-46410
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
287
|
7.8 |
HIGH
Local
|
-
|
-
|
Microsoft Office Remote Code Execution Vulnerability
New
|
CWE-426
Untrusted Search Path
|
CVE-2024-43616
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
288
|
- |
|
-
|
-
|
Directus is a real-time API and App dashboard for managing SQL database content. Access tokens from query strings are not redacted and are potentially exposed in system logs which may be persisted. T…
New
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-47822
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
289
|
7.1 |
HIGH
Network
|
-
|
-
|
Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
New
|
CWE-73
External Control of File Name or Path
|
CVE-2024-43615
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
290
|
5.5 |
MEDIUM
Local
|
-
|
-
|
Microsoft Defender for Endpoint for Linux Spoofing Vulnerability
New
|
CWE-23
Relative Path Traversal
|
CVE-2024-43614
|
2024-10-10 21:56 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|