101
|
- |
|
-
|
-
|
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, invalid ALPN in TLS/QUIC traffic when JA4 matching/loggin…
New
|
CWE-617
Reachable Assertion
|
CVE-2024-47522
|
2024-10-17 05:15 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
102
|
4.3 |
MEDIUM
Network
|
mattermost
|
mattermost_server
|
Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.0, 9.8.x <= 9.8.2 fail to enforce permissions which allows a guest user with read access to upload files to a channel.
Update
|
NVD-CWE-noinfo
|
CVE-2024-43780
|
2024-10-17 05:07 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
103
|
6.7 |
MEDIUM
Local
|
qualcomm
|
wsa8835_firmware wsa8830_firmware wcn3988_firmware wcn3980_firmware wcd9380_firmware sw5100p_firmware sw5100_firmware snapdragon_w5\+_gen_1_wearable_platform_firmware snapdrag…
|
Memory corruption while sending the persist buffer command packet from the user-space to the kernel space through the IOCTL call.
Update
|
CWE-416
Use After Free
|
CVE-2024-23376
|
2024-10-17 05:07 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
104
|
4.9 |
MEDIUM
Network
|
mattermost
|
mattermost_server
|
Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2 fail to properly enforce permissions which allows a user with systems manager role with read-only access to teams …
Update
|
NVD-CWE-noinfo
|
CVE-2024-42497
|
2024-10-17 05:05 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
105
|
8.8 |
HIGH
Network
|
tenda
|
o6_firmware
|
A vulnerability classified as critical has been found in Tenda O6 1.0.0.7(2054). Affected is the function fromVirtualSet of the file /goform/setPortForward. The manipulation of the argument ip/localP…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-8231
|
2024-10-17 05:01 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
106
|
7.5 |
HIGH
Network
connect2id
|
nimbus_jose\+jwt
|
In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource consumption) via a large JWE p2c header value (aka iteration count) for the PasswordBasedDecrypter (PB…
Update
|
NVD-CWE-noinfo
|
CVE-2023-52428
|
2024-10-17 05:01 |
2024-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
107
|
6.7 |
MEDIUM
Local
|
qualcomm
|
srv1m_firmware srv1h_firmware snapdragon_auto_5g_modem-rf_gen_2_firmware sa9000p_firmware sa8775p_firmware sa8770p_firmware sa8650p_firmware sa8620p_firmware sa8255p_firmware<…
|
Memory corruption while invoking IOCTL calls for MSM module from the user space during audio playback and record.
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-23378
|
2024-10-17 05:00 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
108
|
6.7 |
MEDIUM
Local
|
qualcomm
|
wsa8835_firmware wsa8830_firmware wsa8815_firmware wsa8810_firmware wcn3990_firmware wcd9380_firmware wcd9341_firmware wcd9340_firmware wcd9335_firmware srv1m_firmware s…
|
Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario.
Update
|
CWE-415
Double Free
|
CVE-2024-23379
|
2024-10-17 04:58 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
109
|
6.1 |
MEDIUM
Network
|
hcltech
|
sametime_chat_and_meetings
|
Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not implementing appropriate protections in order to protect users from clickjacking attacks.
Update
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2023-45698
|
2024-10-17 04:58 |
2024-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
110
|
7.5 |
HIGH
Network
qualcomm
|
snapdragon_w5\+_gen_1_wearable_platform_firmware wsa8835_firmware wsa8830_firmware wsa8810_firmware wcn3988_firmware wcn3980_firmware wcn3950_firmware wcd9385_firmware wcd9380…
|
Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame.
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2024-33049
|
2024-10-17 04:57 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|