|
312641
|
- |
|
-
|
-
|
An issue was discovered in Samsung eMMC with KLMAG2GE4A and KLM8G1WEMB firmware. Code bypass through Electromagnetic Fault Injection allows an attacker to successfully authenticate and write to the R…
|
-
|
CVE-2024-31955
|
2024-10-31 02:35 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312642
|
5.3 |
MEDIUM
Network
|
djangoproject
|
django
|
An issue was discovered in Django v5.1.1, v5.0.9, and v4.2.16. The django.contrib.auth.forms.PasswordResetForm class, when used in a view implementing password reset flows, allows remote attackers to…
|
NVD-CWE-noinfo
|
CVE-2024-45231
|
2024-10-31 02:35 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312643
|
7.5 |
HIGH
Network
|
djangoproject
|
django
|
An issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.16. The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via ve…
|
NVD-CWE-noinfo
|
CVE-2024-45230
|
2024-10-31 02:35 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312644
|
7.5 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
firefox_esr
|
An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This acces…
|
NVD-CWE-Other
|
CVE-2024-9393
|
2024-10-31 02:35 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312645
|
5.3 |
MEDIUM
Network
|
mozilla
|
firefox
|
Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mode after the fix for CVE-2023-6870 in Firefox 121.…
|
NVD-CWE-noinfo
|
CVE-2024-8388
|
2024-10-31 02:35 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312646
|
6.1 |
MEDIUM
Network
|
mozilla
|
firefox
firefox_esr
|
If a site had been granted the permission to open popup windows, it could cause Select elements to appear on top of another site to perform a spoofing attack. This vulnerability affects Firefox < 130…
|
CWE-601
Open Redirect
|
CVE-2024-8386
|
2024-10-31 02:35 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312647
|
8.8 |
HIGH
Network
|
mozilla
|
firefox_esr
firefox
|
Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to…
|
NVD-CWE-noinfo
|
CVE-2024-8382
|
2024-10-31 02:35 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312648
|
7.5 |
HIGH
Network
|
mozilla
|
firefox_esr
firefox
|
Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-re…
|
NVD-CWE-noinfo
|
CVE-2024-8383
|
2024-10-31 02:35 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312649
|
4.3 |
MEDIUM
Network
|
apple
|
ipados
iphone_os
watchos
visionos
tvos
safari
macos
|
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1, macOS Sequoia 15.1, Safari 18.1. Proces…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-44244
|
2024-10-31 02:31 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312650
|
5.5 |
MEDIUM
Local
|
apple
|
macos
iphone_os
ipados
watchos
visionos
tvos
|
An information disclosure issue was addressed with improved private data redaction for log entries. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ven…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-44239
|
2024-10-31 02:30 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
