|
701
|
6.5 |
MEDIUM
Network
|
apple
|
ipados
iphone_os
macos
watchos
tvos
visionos
safari
|
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionO…
Update
|
NVD-CWE-noinfo
|
CVE-2024-40789
|
2024-10-31 00:35 |
2024-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
702
|
6.5 |
MEDIUM
Network
|
openstack
|
nova
|
In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a desc…
Update
|
NVD-CWE-noinfo
|
CVE-2024-40767
|
2024-10-31 00:35 |
2024-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
703
|
- |
|
-
|
-
|
NATS.io NATS Server before 2.8.2 and Streaming Server before 0.24.6 could allow a remote attacker to bypass security restrictions, caused by the failure to enforce negative user permissions in one sc…
Update
|
-
|
CVE-2022-29946
|
2024-10-31 00:35 |
2024-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
704
|
5.5 |
MEDIUM
Local
|
jungo
mitsubishielectric
|
windriver
cpu_module_logging_configuration_tool
cw_configurator
data_transfer
ezsocket
fr_configurator_sw3
fr_configurator2
gt_got1000
gt_got2000
gt_softgot1000
gt_softg…
|
Denial of Service (DoS) vulnerability in Jungo WinDriver before 12.7.0 allows local attackers to cause a Windows blue screen error.
Update
|
NVD-CWE-noinfo
|
CVE-2024-25087
|
2024-10-31 00:35 |
2024-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
705
|
- |
|
-
|
-
|
Passing invalid data could have led to invalid wasm values being created, such as arbitrary integers turning into pointer values. This vulnerability affects Firefox < 124.
Update
|
-
|
CVE-2024-2606
|
2024-10-31 00:35 |
2024-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
706
|
6.5 |
MEDIUM
Adjacent
|
janusintl
|
noke_standard_smart_padlock_firmware
noke_hd_smart_padlock_firmware
noke_hd\+_smart_padlock_firmware
|
Nokelock Smart padlock O1 Version 5.3.0 is vulnerable to Insecure Permissions. By sending a request, you can add any device and set the device password in the Nokelock app.
Update
|
CWE-862
Missing Authorization
|
CVE-2022-36228
|
2024-10-31 00:35 |
2023-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
707
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
An issue was discovered in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbcon_registered_fb and fbcon_…
Update
|
NVD-CWE-noinfo
|
CVE-2023-38409
|
2024-10-31 00:35 |
2023-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
708
|
8.8 |
HIGH
Network
|
hitachienergy
|
microscada_x_sys600
microscada_pro_sys600
|
The MicroSCADA Pro/X SYS600 product allows an authenticated user input to control or influence paths or file names
that are used in filesystem operations. If exploited the vulnerability allows the at…
Update
|
CWE-22
Path Traversal
|
CVE-2024-3980
|
2024-10-31 00:33 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
709
|
8.2 |
HIGH
Local
|
hitachienergy
|
microscada_x_sys600
|
An attacker with local access to machine where MicroSCADA X
SYS600 is installed, could enable the session logging supporting the product and try to exploit a session hijacking of an already establish…
Update
|
CWE-294
Authentication Bypass by Capture-replay
|
CVE-2024-3982
|
2024-10-31 00:32 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
710
|
8.8 |
HIGH
Network
|
hitachienergy
|
microscada_x_sys600
microscada_pro_sys600
|
A vulnerability exists in the query validation of the MicroSCADA Pro/X SYS600 product. If exploited this could allow an authenticated attacker to inject code towards persistent data. Note that to suc…
Update
|
NVD-CWE-Other
|
CVE-2024-4872
|
2024-10-31 00:31 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
