|
321
|
- |
|
-
|
-
|
An authentication bypass in the SSH service of gost v2.11.5 allows attackers to intercept communications via setting the HostKeyCallback function to ssh.InsecureIgnoreHostKey
Update
|
-
|
CVE-2024-39223
|
2024-10-26 03:35 |
2024-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
322
|
- |
|
-
|
-
|
An issue in the component ControlCenter.sys/ControlCenter64.sys of ThundeRobot Control Center v2.0.0.10 allows attackers to access sensitive information, execute arbitrary code, or escalate privilege…
Update
|
-
|
CVE-2024-39251
|
2024-10-26 03:35 |
2024-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
323
|
- |
|
-
|
-
|
Buffer overflow in the extract_openvpn_cr function in openvpn-cr.c in openvpn-auth-ldap (aka the Three Rings Auth-LDAP plugin for OpenVPN) 2.0.4 allows attackers with a valid LDAP username and who ca…
Update
|
-
|
CVE-2024-28820
|
2024-10-26 03:35 |
2024-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
324
|
- |
|
-
|
-
|
An issue was discovered on HMS Anybus X-Gateway AB7832-F 3 devices. The gateway exposes a web interface on port 80. An unauthenticated GET request to a specific URL triggers the reboot of the Anybus …
Update
|
-
|
CVE-2024-23766
|
2024-10-26 03:35 |
2024-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
325
|
- |
|
-
|
-
|
GigaDevice GD32E103C8T6 devices have Incorrect Access Control.
Update
|
-
|
CVE-2024-21741
|
2024-10-26 03:35 |
2024-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
326
|
- |
|
-
|
-
|
H3C Magic R230 V100R002 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root.
Update
|
-
|
CVE-2024-38902
|
2024-10-26 03:35 |
2024-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
327
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/shmem-helper: Remove errant put in error path
drm_gem_shmem_mmap() doesn't own this reference, resulting in the GEM
object ge…
Update
|
CWE-416
Use After Free
|
CVE-2022-48981
|
2024-10-26 03:33 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
328
|
8.1 |
HIGH
Network
|
microsoft
|
windows_server_2012
windows_10_1507
windows_server_2016
windows_server_2022_23h2
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_10_1607
windows_server_2019
windows…
|
Windows MSHTML Platform Spoofing Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-43573
|
2024-10-26 03:17 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
329
|
7.8 |
HIGH
Local
|
microsoft
|
windows_server_2008
windows_server_2012
windows_10_1507
windows_server_2016
windows_server_2022_23h2
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_10_1607
windows…
|
Microsoft Management Console Remote Code Execution Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-43572
|
2024-10-26 03:17 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
330
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Image Map Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'save_project' function with an arbitrary shortcode in versions up to, and including, 6.0.20 due to insuffi…
New
|
-
|
CVE-2024-9585
|
2024-10-26 03:15 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
