141
|
7.5 |
HIGH
Network
php-fpm
|
php-fpm
|
In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, HTTP_REDIRECT_STATUS variable is used to check whether or not CGI binary is being run by the HTTP server. However, in ce…
Update
|
NVD-CWE-noinfo
|
CVE-2024-8927
|
2024-10-17 03:28 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
142
|
8.2 |
HIGH
Network
qualcomm
|
wsa8845h_firmware wsa8845_firmware wsa8840_firmware wsa8835_firmware wsa8832_firmware wsa8830_firmware wcd9395_firmware wcd9390_firmware wcd9385_firmware wcd9380_firmware
|
Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2024-33073
|
2024-10-17 03:25 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
143
|
7.5 |
HIGH
Network
qualcomm
|
snapdragon_8\+_gen_2_mobile_platform_firmware wsa8845h_firmware wsa8845_firmware wsa8840_firmware wsa8835_firmware wsa8832_firmware wsa8830_firmware wcd9395_firmware wcd9390_f…
|
Transient DOS while parsing probe response and assoc response frame.
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2024-38397
|
2024-10-17 03:23 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
144
|
7.8 |
HIGH
Local
|
qualcomm
|
wsa8835_firmware wsa8830_firmware wsa8810_firmware wcn3950_firmware wcd9380_firmware wcd9375_firmware wcd9370_firmware srv1m_firmware srv1h_firmware snapdragon_8_gen_1_mobi…
|
Memory corruption while processing user packets to generate page faults.
Update
|
CWE-416
Use After Free
|
CVE-2024-38399
|
2024-10-17 03:17 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
145
|
- |
|
-
|
-
|
Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a possible ReDoS vulnerability…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-41128
|
2024-10-17 03:15 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
146
|
7.3 |
HIGH
Local
|
siemens
|
modelsim questa
|
A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3). vish2.exe in affected applications allows a specific DLL file to be loaded from the current …
Update
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-47194
|
2024-10-17 03:15 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
147
|
7.3 |
HIGH
Local
|
siemens
|
modelsim questa
|
A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3). gdb.exe in affected applications allows a specific executable file to be loaded from the cur…
Update
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-47195
|
2024-10-17 03:11 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
148
|
7.3 |
HIGH
Local
|
siemens
|
modelsim questa
|
A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3). vsimk.exe in affected applications allows a specific tcl file to be loaded from the current …
Update
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-47196
|
2024-10-17 03:07 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
149
|
7.8 |
HIGH
Local
|
schneider-electric
|
zelio_soft_2
|
CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution, denial
of service and loss of confidentiality & integrity when application user opens a malicious Zelio
Soft 2 …
Update
|
CWE-416
Use After Free
|
CVE-2024-8422
|
2024-10-17 03:00 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
150
|
8.4 |
HIGH
Network
|
payara
|
payara
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Payara Platform Payara Server (Admin Console modules) allows Remote Code Inclusion.This is…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8215
|
2024-10-17 02:58 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|