|
314751
|
- |
|
ariadne
|
ariadne_cms
|
NOTE: this issue has been disputed by the vendor. PHP remote code injection vulnerability in loader.php for Ariadne CMS 2.4 allows remote attackers to execute arbitrary PHP code by modifying the ari…
|
NVD-CWE-Other
|
CVE-2005-1181
|
2024-08-8 07:15 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314752
|
- |
|
calendarscript
|
calendarscript
|
NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in the login command in calendar.pl in CalendarScript 3.21 allows remote attackers to inject arbitrary web …
|
NVD-CWE-Other
|
CVE-2005-1146
|
2024-08-8 07:15 |
2005-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314753
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Loader in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2024-6989
|
2024-08-8 07:10 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314754
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Dawn in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2024-6991
|
2024-08-8 07:09 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314755
|
3.1 |
LOW
Network
|
google
|
chrome
|
Race in Frames in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium secur…
|
CWE-362
Race Condition
|
CVE-2024-6996
|
2024-08-8 07:06 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314756
|
- |
|
-
|
-
|
Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox …
|
-
|
CVE-2024-7519
|
2024-08-8 06:35 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314757
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in HTML in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML…
|
NVD-CWE-noinfo
|
CVE-2024-7001
|
2024-08-8 06:33 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314758
|
7.5 |
HIGH
Network
|
zscaler
|
client_connector
|
Anti-tampering can be disabled under certain conditions without signature validation. This affects Zscaler Client Connector <4.2.0.190 with anti-tampering enabled.
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2024-23456
|
2024-08-8 06:30 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314759
|
7.8 |
HIGH
Local
|
zscaler
|
client_connector
|
The Zscaler Updater process does not validate the digital signature of the installer before execution, allowing arbitrary code to be locally executed. This affects Zscaler Client Connector on MacOS <…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2024-23460
|
2024-08-8 06:29 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314760
|
7.8 |
HIGH
Local
|
zscaler
|
client_connector
|
While copying individual autoupdater log files, reparse point check was missing which could result into crafted attacks, potentially leading to a local privilege escalation. This issue affects Zscale…
|
CWE-346
Origin Validation Error
|
CVE-2024-23458
|
2024-08-8 06:29 |
2024-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
