|
151
|
7.5 |
HIGH
Network
ceph
canonical
|
civetweb
ubuntu_linux
|
A flaw was found in the way civetweb frontend was handling requests for ceph RGW server with SSL enabled. An unauthenticated attacker could create multiple connections to ceph RADOS gateway to exhaus…
Update
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2019-3821
|
2024-11-20 05:23 |
2019-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
152
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PDB file.
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2016-7531
|
2024-11-20 05:23 |
2017-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
153
|
- |
|
littlecms
mozilla
sun
gimp
|
little_cms
firefox
openjdk
gimp
|
Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service (memory consumption and…
Update
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2009-0581
|
2024-11-20 05:19 |
2009-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
154
|
8.8 |
HIGH
Network
|
microsoft
|
sql_server_2016
sql_server_2017
sql_server_2019
|
SQL Server Native Client Remote Code Execution Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-43462
|
2024-11-20 05:18 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
155
|
- |
|
-
|
-
|
Rejected reason: This CVE was previously published at https://bugzilla.redhat.com/show_bug.cgi?id=2262978 but later rejected for the following reason: The flaw requires an attacker to have superuser …
New
|
-
|
CVE-2024-1271
|
2024-11-20 05:15 |
2024-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
156
|
6.1 |
MEDIUM
Network
|
appointmind
|
appointmind
|
Cross-Site Request Forgery (CSRF) vulnerability in GentleSource Appointmind allows Stored XSS.This issue affects Appointmind: from n/a through 4.0.0.
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-51679
|
2024-11-20 05:07 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
157
|
9.8 |
CRITICAL
Network
microsoft
|
.net
visual_studio_2022
|
.NET and Visual Studio Remote Code Execution Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-43498
|
2024-11-20 05:01 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
158
|
7.5 |
HIGH
Network
microsoft
|
.net
visual_studio_2022
|
.NET and Visual Studio Denial of Service Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-43499
|
2024-11-20 04:59 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
159
|
6.7 |
MEDIUM
Local
|
intel
|
server_board_m70klp2sb_firmware
|
Improper Access Control in UEFI firmware for some Intel(R) Server Board M70KLP may allow a privileged user to potentially enable escalation of privilege via local access.
Update
|
CWE-284
Improper Access Control
|
CVE-2024-39609
|
2024-11-20 04:58 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
160
|
6.7 |
MEDIUM
Local
|
intel
|
m10jnp2sb_firmware
|
Improper input validation in UEFI firmware in some Intel(R) Server Board M10JNP2SB Family may allow a privileged user to potentially enable escalation of privilege via local access.
Update
|
NVD-CWE-noinfo
|
CVE-2024-41167
|
2024-11-20 04:45 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
