|
1331
|
7.6 |
HIGH
Network
|
-
|
-
|
A flaw was found in the OpenShift build process, where the docker-build container is configured with a hostPath volume mount that maps the node's /var/lib/kubelet/config.json file into the build pod.…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2024-45497
|
2024-12-31 12:15 |
2024-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1332
|
8.8 |
HIGH
Network
|
-
|
-
|
The QOCA aim from Quanta Computer has an Authorization Bypass Through User-Controlled Key vulnerability. By controlling the user ID parameter, remote attackers with regular privileges could access ce…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-13040
|
2024-12-31 11:15 |
2024-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1333
|
8.8 |
HIGH
Network
|
-
|
-
|
The login mechanism via device authentication of CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability. If a user visits a forged website, the agent program deployed …
|
CWE-294
Authentication Bypass by Capture-replay
|
CVE-2024-12839
|
2024-12-31 11:15 |
2024-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1334
|
8.8 |
HIGH
Network
|
-
|
-
|
The passwordless login mechanism in CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability, allowing remote attackers with regular privileges to send a crafted request…
|
CWE-302
Authentication Bypass by Assumed-Immutable Data
|
CVE-2024-12838
|
2024-12-31 11:15 |
2024-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1335
|
- |
|
-
|
-
|
An issue exists in SoftIron HyperCloud
where authenticated, but non-admin users can create data pools, which could potentially impact the performance and availability of the backend software-defined…
|
-
|
CVE-2024-13058
|
2024-12-31 07:15 |
2024-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1336
|
- |
|
-
|
-
|
Foxit PDF Reader Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker m…
|
CWE-59
Link Following
|
CVE-2024-12753
|
2024-12-31 06:15 |
2024-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1337
|
- |
|
-
|
-
|
Foxit PDF Reader AcroForm Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. Us…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2024-12752
|
2024-12-31 06:15 |
2024-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1338
|
- |
|
-
|
-
|
Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. U…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-12751
|
2024-12-31 06:15 |
2024-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1339
|
- |
|
-
|
-
|
iXsystems TrueNAS CORE fetch_plugin_packagesites tar Cleartext Transmission of Sensitive Information Vulnerability. This vulnerability allows network-adjacent attackers to tamper with firmware update…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2024-11946
|
2024-12-31 06:15 |
2024-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1340
|
- |
|
-
|
-
|
iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installat…
|
CWE-22
Path Traversal
|
CVE-2024-11944
|
2024-12-31 06:15 |
2024-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
