|
2161
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1. A malicious application may be able to leak a user's credentials.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2024-54471
|
2024-12-20 00:25 |
2024-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2162
|
9.8 |
CRITICAL
Network
gstreamer_project
|
gstreamer
|
GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream->samples to accommodate stream->n_samples + samples_cou…
|
CWE-787
CWE-190
Out-of-bounds Write
Integer Overflow or Wraparound
|
CVE-2024-47537
|
2024-12-20 00:20 |
2024-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2163
|
- |
|
-
|
-
|
Improper neutralization of input in Nagvis before version 1.9.42 which can lead to XSS
|
-
|
CVE-2024-47093
|
2024-12-20 00:15 |
2024-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2164
|
8.8 |
HIGH
Network
|
-
|
-
|
A flaw was found in the MustGather.managed.openshift.io Custom Defined Resource (CRD) of OpenShift Dedicated. A non-privileged user on the cluster can create a MustGather object with a specially craf…
|
CWE-20
Improper Input Validation
|
CVE-2024-25131
|
2024-12-20 00:15 |
2024-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2165
|
- |
|
-
|
-
|
A vulnerability, which was classified as critical, was found in X1a0He Adobe Downloader up to 1.3.1 on macOS. Affected is the function shouldAcceptNewConnection of the file com.x1a0he.macOS.Adobe-Dow…
|
CWE-266
CWE-269
Incorrect Privilege Assignment
Improper Privilege Management
|
CVE-2024-12786
|
2024-12-20 00:15 |
2024-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2166
|
- |
|
-
|
-
|
A vulnerability was found in itsourcecode Vehicle Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file sendmail.php. The man…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2024-12785
|
2024-12-20 00:15 |
2024-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2167
|
5.5 |
MEDIUM
Local
|
fabulatech
|
usb_over_network
|
A vulnerability, which was classified as problematic, was found in FabulaTech USB over Network 6.0.6.1. This affects the function 0x220448 in the library ftusbbus2.sys of the component IOCT Handler. …
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-12656
|
2024-12-20 00:11 |
2024-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2168
|
5.5 |
MEDIUM
Local
|
fabulatech
|
usb_over_network
|
A vulnerability, which was classified as problematic, has been found in FabulaTech USB over Network 6.0.6.1. Affected by this issue is the function 0x220420 in the library ftusbbus2.sys of the compon…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-12655
|
2024-12-20 00:11 |
2024-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2169
|
5.9 |
MEDIUM
Network
|
invoiceplane
|
invoiceplane
|
A vulnerability was found in InvoicePlane up to 1.6.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /invoices/view. The manipulation leads to session…
|
CWE-613
Insufficient Session Expiration
|
CVE-2024-12667
|
2024-12-20 00:10 |
2024-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2170
|
8.8 |
HIGH
Network
|
classcms
|
classcms
|
A vulnerability has been found in ClassCMS up to 4.8 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin?do=admin:user:editPost of the component …
|
NVD-CWE-noinfo
|
CVE-2024-12666
|
2024-12-20 00:01 |
2024-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
