131
|
- |
|
-
|
-
|
Improper Input Validation in the admin portal of Ivanti Connect Secure before 22.7R2.1 and 9.1R18.9, or Ivanti Policy Secure before 22.7R1.1 allows a remote authenticated attacker to achieve remote c…
New
|
-
|
CVE-2024-37404
|
2024-10-19 08:15 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
132
|
- |
|
-
|
-
|
Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with elevated privileges due to insecure ACL via unspecified attack vector.
New
|
-
|
CVE-2024-29821
|
2024-10-19 08:15 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
133
|
- |
|
-
|
-
|
Ivanti DSM < version 2024.2 allows authenticated users on the local machine to run code with elevated privileges due to insecure ACL via unspecified attack vector.
New
|
-
|
CVE-2024-29213
|
2024-10-19 08:15 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
134
|
- |
|
-
|
-
|
A vulnerability classified as critical was found in Tenda AC8 16.03.34.06. This vulnerability affects the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the …
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2024-10130
|
2024-10-19 07:15 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
135
|
- |
|
-
|
-
|
A vulnerability classified as critical has been found in HFO4 shudong-share up to 2.4.7. This affects an unknown part of the file /includes/create_share.php of the component Share Handler. The manipu…
New
|
CWE-89
SQL Injection
|
CVE-2024-10129
|
2024-10-19 07:15 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
136
|
- |
|
-
|
-
|
A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been rated as problematic. Affected by this issue is some unknown functionality of the file td.js.gz. The manipulation leads…
New
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2024-10128
|
2024-10-19 06:15 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
137
|
- |
|
-
|
-
|
A vulnerability was found in Tenda AC8 16.03.34.06. It has been declared as critical. Affected by this vulnerability is the function compare_parentcontrol_time of the file /goform/saveParentControlIn…
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2024-10123
|
2024-10-19 05:15 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
138
|
7.2 |
HIGH
Network
|
hashicorp
|
vault
|
A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s privileges to Vault’s root policy. Fixed in Vault Community Edi…
Update
|
NVD-CWE-Other
|
CVE-2024-9180
|
2024-10-19 05:15 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
139
|
9.8 |
CRITICAL
Network
vmware cisco oracle siemens veritas
|
spring_framework cx_cloud_agent sd-wan_edge retail_xstore_point_of_service communications_cloud_native_core_security_edge_protection_proxy financial_services_analytical_applications_in…
|
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR…
Update
|
CWE-94
Code Injection
|
CVE-2022-22965
|
2024-10-19 04:52 |
2022-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
140
|
- |
|
-
|
-
|
ACON is a widely-used library of tools for machine learning that focuses on adaptive correlation optimization. A potential vulnerability has been identified in the input validation process, which cou…
New
|
CWE-20
Improper Input Validation
|
CVE-2024-49361
|
2024-10-19 04:15 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|