71
|
6.7 |
MEDIUM
Local
|
qualcomm
|
wsa8835_firmware wsa8830_firmware wcn3988_firmware wcn3980_firmware wcd9380_firmware sw5100p_firmware sw5100_firmware snapdragon_w5\+_gen_1_wearable_platform_firmware snapdrag…
|
Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file.
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-23374
|
2024-10-17 05:26 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
72
|
- |
|
-
|
-
|
Admidio is an open-source user management solution. Prior to version 4.3.12, an unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server. Version 4…
New
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-47836
|
2024-10-17 05:15 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
73
|
- |
|
-
|
-
|
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, invalid ALPN in TLS/QUIC traffic when JA4 matching/loggin…
New
|
CWE-617
Reachable Assertion
|
CVE-2024-47522
|
2024-10-17 05:15 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
74
|
4.3 |
MEDIUM
Network
|
mattermost
|
mattermost_server
|
Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.0, 9.8.x <= 9.8.2 fail to enforce permissions which allows a guest user with read access to upload files to a channel.
Update
|
NVD-CWE-noinfo
|
CVE-2024-43780
|
2024-10-17 05:07 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
75
|
6.7 |
MEDIUM
Local
|
qualcomm
|
wsa8835_firmware wsa8830_firmware wcn3988_firmware wcn3980_firmware wcd9380_firmware sw5100p_firmware sw5100_firmware snapdragon_w5\+_gen_1_wearable_platform_firmware snapdrag…
|
Memory corruption while sending the persist buffer command packet from the user-space to the kernel space through the IOCTL call.
Update
|
CWE-416
Use After Free
|
CVE-2024-23376
|
2024-10-17 05:07 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
76
|
4.9 |
MEDIUM
Network
|
mattermost
|
mattermost_server
|
Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2 fail to properly enforce permissions which allows a user with systems manager role with read-only access to teams …
Update
|
NVD-CWE-noinfo
|
CVE-2024-42497
|
2024-10-17 05:05 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
77
|
8.8 |
HIGH
Network
|
tenda
|
o6_firmware
|
A vulnerability classified as critical has been found in Tenda O6 1.0.0.7(2054). Affected is the function fromVirtualSet of the file /goform/setPortForward. The manipulation of the argument ip/localP…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-8231
|
2024-10-17 05:01 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
78
|
7.5 |
HIGH
Network
connect2id
|
nimbus_jose\+jwt
|
In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PB…
Update
|
NVD-CWE-noinfo
|
CVE-2023-52428
|
2024-10-17 05:01 |
2024-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
79
|
6.7 |
MEDIUM
Local
|
qualcomm
|
srv1m_firmware srv1h_firmware snapdragon_auto_5g_modem-rf_gen_2_firmware sa9000p_firmware sa8775p_firmware sa8770p_firmware sa8650p_firmware sa8620p_firmware sa8255p_firmware<…
|
Memory corruption while invoking IOCTL calls for MSM module from the user space during audio playback and record.
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-23378
|
2024-10-17 05:00 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
80
|
6.7 |
MEDIUM
Local
|
qualcomm
|
wsa8835_firmware wsa8830_firmware wsa8815_firmware wsa8810_firmware wcn3990_firmware wcd9380_firmware wcd9341_firmware wcd9340_firmware wcd9335_firmware srv1m_firmware s…
|
Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario.
Update
|
CWE-415
Double Free
|
CVE-2024-23379
|
2024-10-17 04:58 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|