|
531
|
- |
|
-
|
-
|
This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.This issue …
Update
|
-
|
CVE-2024-2464
|
2024-10-31 04:35 |
2024-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
532
|
- |
|
-
|
-
|
A missing delay on when pointer lock was used could have allowed a malicious page to trick a user into granting permissions. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunder…
Update
|
-
|
CVE-2024-2611
|
2024-10-31 04:35 |
2024-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
533
|
- |
|
-
|
-
|
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.4. Processing a file may lead to a denial-of-service or potentially disclose memory contents.
Update
|
-
|
CVE-2024-23248
|
2024-10-31 04:35 |
2024-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
534
|
9.8 |
CRITICAL
Network
acme.sh_project
|
acme.sh
|
acme.sh before 3.0.6 runs arbitrary commands from a remote server via eval, as exploited in the wild in June 2023.
Update
|
NVD-CWE-noinfo
|
CVE-2023-38198
|
2024-10-31 04:35 |
2023-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
535
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
riscv: fix race when vmap stack overflow
Currently, when detecting vmap stack overflow, riscv firstly switches
to the so called s…
Update
|
CWE-362
Race Condition
|
CVE-2022-49001
|
2024-10-31 03:58 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
536
|
6.1 |
MEDIUM
Network
|
butlerblog
|
wp-members
|
The WP-Members Membership Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, an…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9231
|
2024-10-31 03:56 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
537
|
7.5 |
HIGH
Network
esafenet
|
cdg
|
A vulnerability classified as problematic was found in ESAFENET CDG 5. Affected by this vulnerability is the function actionViewDecyptFile of the file /com/esafenet/servlet/client/DecryptApplicationS…
Update
|
CWE-22
Path Traversal
|
CVE-2024-10379
|
2024-10-31 03:54 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
538
|
8.8 |
HIGH
Adjacent
|
se
|
rmnf22tb30_firmware
renf22r2mmw_firmware
|
CWE-287: Improper Authentication vulnerability exists that could cause unauthorized tampering
of device configuration over NFC communication.
Update
|
NVD-CWE-noinfo
|
CVE-2024-0568
|
2024-10-31 03:52 |
2024-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
539
|
7.3 |
HIGH
Network
|
redhat
|
build_of_keycloak
jboss_enterprise_application_platform
|
A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. This flaw allows an attacker or insider to execute a deployment with a malicious …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-10234
|
2024-10-31 03:50 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
540
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Parsing a maliciously crafted file may lead to an unexpect…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-44284
|
2024-10-31 03:48 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
