|
319701
|
- |
|
-
|
-
|
Improper permission configurationDomain configuration vulnerability of the mobile application (com.afmobi.boomplayer) can lead to account takeover risks.
|
-
|
CVE-2024-8039
|
2024-09-17 11:35 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319702
|
8.1 |
HIGH
Network
|
dell
|
smartfabric_os10
|
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x, contain(s) an Use of Hard-coded Password vulnerability. A low privileged attacker with remote access could potentia…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-39585
|
2024-09-17 11:15 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319703
|
8.8 |
HIGH
Network
|
-
|
-
|
Windows MSHTML Platform Spoofing Vulnerability
|
CWE-451
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2024-43461
|
2024-09-17 10:00 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319704
|
9.8 |
CRITICAL
Network
|
progress
|
whatsup_gold
|
In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password.
|
CWE-89
SQL Injection
|
CVE-2024-6670
|
2024-09-17 10:00 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319705
|
8.8 |
HIGH
Network
|
asterisk
|
asterisk
certified_asterisk
|
Asterisk is an open source private branch exchange (PBX) and telephony toolkit. Prior to asterisk versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2, an A…
|
NVD-CWE-Other
|
CVE-2024-42365
|
2024-09-17 05:23 |
2024-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319706
|
9.8 |
CRITICAL
Network
|
sonicwall
|
sonicos
|
An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the fi…
|
NVD-CWE-noinfo
|
CVE-2024-40766
|
2024-09-17 04:48 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319707
|
8.8 |
HIGH
Network
|
xwiki
|
pro_macros
|
Pro Macros provides XWiki rendering macros. Missing escaping in the Viewpdf macro allows any user with view right on the `CKEditor.HTMLConverter` page or edit or comment right on any page to perform …
|
CWE-74
Injection
|
CVE-2024-42489
|
2024-09-17 04:46 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319708
|
5.5 |
MEDIUM
Local
|
nvidia
|
cuda_toolkit
|
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-0102
|
2024-09-17 04:37 |
2024-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319709
|
8.8 |
HIGH
Local
|
nvidia
|
jetson_linux
|
NVIDIA Jetson Linux contains a vulnerability in NvGPU where error handling paths in GPU MMU mapping code fail to clean up a failed mapping attempt. A successful exploit of this vulnerability may lead…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2024-0108
|
2024-09-17 04:27 |
2024-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319710
|
7.5 |
HIGH
Network
|
nvidia
|
mlnx-os
mlnx-gw
onyx
nvda-os_xc
|
NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in ipfilter, where improper ipfilter definitions could enable an attacker to cause a failure by attacking the switch…
|
NVD-CWE-Other
|
CVE-2024-0101
|
2024-09-17 04:24 |
2024-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
