|
312801
|
5.5 |
MEDIUM
Local
|
apple
|
macos
ipados
iphone_os
visionos
watchos
tvos
xcode
|
This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, Xcode 16, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. An app …
|
NVD-CWE-noinfo
|
CVE-2024-44191
|
2024-09-25 22:24 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312802
|
- |
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-2143 Reason: This candidate is a reservation duplicate of CVE-2023-2143. Notes: All CVE users should reference
CV…
|
-
|
CVE-2024-9063
|
2024-09-25 10:15 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312803
|
- |
|
-
|
-
|
A flaw was found in libnbd. The client did not always correctly verify the NBD server's certificate when using TLS to connect to an NBD server. This issue allows a man-in-the-middle attack on NBD tra…
|
CWE-295
Improper Certificate Validation
|
CVE-2024-7383
|
2024-09-25 10:15 |
2024-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312804
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/i915/gem: Fix Virtual Memory mapping boundaries calculation
Calculating the size of the mapped area as the lesser value
betwe…
|
CWE-131
Incorrect Calculation of Buffer Size
|
CVE-2024-42259
|
2024-09-25 10:15 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312805
|
9.8 |
CRITICAL
Network
|
ivanti
|
virtual_traffic_management
|
Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel.
|
CWE-287
Improper Authentication
|
CVE-2024-7593
|
2024-09-25 10:00 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312806
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data.
|
CWE-281
Improper Preservation of Permissions
|
CVE-2024-44188
|
2024-09-25 05:38 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312807
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data.
|
CWE-281
Improper Preservation of Permissions
|
CVE-2024-40859
|
2024-09-25 05:31 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312808
|
7.5 |
HIGH
Network
|
zitadel
|
zitadel
|
Zitadel is an open source identity management platform. ZITADEL's user account deactivation mechanism did not work correctly with service accounts. Deactivated service accounts retained the ability t…
|
NVD-CWE-noinfo
|
CVE-2024-47000
|
2024-09-25 05:25 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312809
|
6.5 |
MEDIUM
Network
|
zitadel
|
zitadel
|
Zitadel is an open source identity management platform. ZITADEL's user grants deactivation mechanism did not work correctly. Deactivated user grants were still provided in token, which could lead to …
|
NVD-CWE-noinfo
|
CVE-2024-46999
|
2024-09-25 05:20 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312810
|
7.5 |
HIGH
Network
|
envoyproxy
|
envoy
|
Envoy is a cloud-native high-performance edge/middle/service proxy. Jwt filter will lead to an Envoy crash when clear route cache with remote JWKs. In the following case: 1. remote JWKs are used, whi…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-45809
|
2024-09-25 05:12 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
