|
1351
|
9.8 |
CRITICAL
Network
openrobotics
|
robot_operating_system
|
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_regulated_pure_p…
|
CWE-281
Improper Preservation of Permissions
|
CVE-2024-41648
|
2024-12-14 05:26 |
2024-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1352
|
9.8 |
CRITICAL
Network
openrobotics
|
robot_operating_system
|
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_mppi_controller.
|
NVD-CWE-noinfo
|
CVE-2024-41647
|
2024-12-14 05:26 |
2024-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1353
|
9.8 |
CRITICAL
Network
openrobotics
|
robot_operating_system
|
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the executor_thread_.
|
CWE-281
Improper Preservation of Permissions
|
CVE-2024-41649
|
2024-12-14 05:13 |
2024-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1354
|
9.8 |
CRITICAL
Network
openrobotics
|
robot_operating_system
|
Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_costmap_2d.
|
CWE-281
Improper Preservation of Permissions
|
CVE-2024-41650
|
2024-12-14 05:12 |
2024-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1355
|
7.8 |
HIGH
Local
|
ivanti
|
automation
|
Under specific circumstances, insecure permissions in Ivanti Automation before version 2024.4.0.1 allows a local authenticated attacker to achieve local privilege escalation.
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-9845
|
2024-12-14 04:44 |
2024-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1356
|
7.8 |
HIGH
Local
|
ivanti
|
workspace_control
|
Under specific circumstances, insecure permissions in Ivanti Workspace Control before version 10.18.40.0 allows a local authenticated attacker to achieve local privilege escalation.
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-8496
|
2024-12-14 04:42 |
2024-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1357
|
7.8 |
HIGH
Local
|
ivanti
|
security_controls
|
Under specific circumstances, insecure permissions in Ivanti Security Controls before version 2024.4.1 allows a local authenticated attacker to achieve local privilege escalation.
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-10251
|
2024-12-14 04:35 |
2024-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1358
|
8.8 |
HIGH
Network
|
gfi
|
archiver
|
GFI Archiver Core Service Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-11947
|
2024-12-14 04:33 |
2024-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1359
|
9.8 |
CRITICAL
Network
gfi
|
archiver
|
GFI Archiver Telerik Web UI Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Authentication is not …
|
NVD-CWE-noinfo
|
CVE-2024-11948
|
2024-12-14 04:32 |
2024-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1360
|
8.8 |
HIGH
Network
|
gfi
|
archiver
|
GFI Archiver Store Service Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-11949
|
2024-12-14 04:28 |
2024-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
