121
|
- |
|
-
|
-
|
An issue in ILIFE com.ilife.home.global 1.8.7 allows a remote attacker to obtain sensitive information via the firmware update process.
New
|
-
|
CVE-2024-48790
|
2024-10-17 04:35 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
122
|
- |
|
-
|
-
|
Incorrect access control in Mirotalk before commit 9de226 allows attackers to arbitrarily change usernames via sending a crafted roomAction request to the server.
Update
|
-
|
CVE-2024-44734
|
2024-10-17 04:35 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
123
|
- |
|
-
|
-
|
Incorrect access control in the function handleDataChannelChat(dataMessage) of Mirotalk before commit c21d58 allows attackers to forge chat messages using an arbitrary sender name.
Update
|
-
|
CVE-2024-44730
|
2024-10-17 04:35 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
124
|
- |
|
-
|
-
|
Incorrect access control in the component app/src/server.js of Mirotalk before commit 9de226 allows unauthenticated attackers without presenter privileges to arbitrarily eject users from a meeting.
Update
|
-
|
CVE-2024-44729
|
2024-10-17 04:35 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
125
|
5.0 |
MEDIUM
Local
|
exiv2
|
exiv2
|
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A denial-of-service was found in Exiv2 version v0.28.1: an unbounded recursi…
Update
|
CWE-674
Uncontrolled Recursion
|
CVE-2024-25112
|
2024-10-17 04:35 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
126
|
7.1 |
HIGH
Local
|
microsoft
|
azure_monitor_agent
|
Azure Monitor Agent Elevation of Privilege Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-38097
|
2024-10-17 04:28 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
127
|
6.1 |
MEDIUM
Network
|
microchip
|
timeprovider_4100_firmware
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimeProvider 4100 (banner config modules) allows Cross-Site Scripting (XSS).This…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-43687
|
2024-10-17 04:28 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
128
|
7.5 |
HIGH
Network
|
microsoft
|
windows_server_2022_23h2
|
Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-38029
|
2024-10-17 04:27 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
129
|
6.1 |
MEDIUM
Network
|
microchip
|
timeprovider_4100_firmware
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimeProvider 4100 (data plot modules) allows Reflected XSS.This issue affects Ti…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-43686
|
2024-10-17 04:20 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
130
|
- |
|
-
|
-
|
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" lea…
New
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2024-47188
|
2024-10-17 04:15 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|