|
319651
|
5.5 |
MEDIUM
Local
|
intel
|
arc_a_graphics
iris_xe_graphics
|
Improper access control in some Intel(R) Arc(TM) & Iris(R) Xe Graphics software before version 31.0.101.4824 may allow an authenticated user to potentially enable denial of service via local access.
|
NVD-CWE-noinfo
|
CVE-2024-28050
|
2024-09-7 03:38 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319652
|
7.3 |
HIGH
Local
|
intel
|
oneapi_hpc_toolkit
trace_analyzer_and_collector
|
Uncontrolled search path for some Intel(R) Trace Analyzer and Collector software before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-28172
|
2024-09-7 03:36 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319653
|
7.3 |
HIGH
Local
|
intel
|
mpi_library
oneapi_hpc_toolkit
|
Uncontrolled search path for some Intel(R) MPI Library software before version 2021.12 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-28876
|
2024-09-7 03:35 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319654
|
9.8 |
CRITICAL
Network
|
lopalopa
|
music_management_system
|
Kashipara Music Management System v1.0 is vulnerable to SQL Injection via /music/manage_playlist_items.php. An attacker can execute arbitrary SQL commands via the "pid" parameter.
|
CWE-89
SQL Injection
|
CVE-2024-42783
|
2024-09-7 03:31 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319655
|
7.2 |
HIGH
Network
|
ethyca
|
fides
|
Fides is an open-source privacy engineering platform. Starting in version 2.19.0 and prior to version 2.44.0, the Email Templating feature uses Jinja2 without proper input sanitization or rendering e…
|
CWE-94
Code Injection
|
CVE-2024-45053
|
2024-09-7 03:20 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319656
|
5.3 |
MEDIUM
Network
|
ethyca
|
fides
|
Fides is an open-source privacy engineering platform. Prior to version 2.44.0, a timing-based username enumeration vulnerability exists in Fides Webserver authentication. This vulnerability allows an…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-45052
|
2024-09-7 03:18 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319657
|
7.5 |
HIGH
Network
|
zyxel
|
nebula_lte3301-plus_firmware
nebula_fwa505_firmware
nebula_fwa710_firmware
nebula_fwa510_firmware
wx5600-t0_firmware
wx3401-b0_firmware
wx3100-t0_firmware
scr50axe_firmware
px…
|
A buffer overflow vulnerability in the library "libclinkc" of the Zyxel VMG8825-T50K firmware version 5.50(ABOM.8)C0 could allow an unauthenticated attacker to cause denial of service (DoS) condition…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-5412
|
2024-09-7 03:07 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319658
|
7.5 |
HIGH
Network
|
transsion
|
carlcare
|
Logical vulnerability in the mobile application (com.transsion.carlcare) may lead to user information leakage risks.
|
NVD-CWE-noinfo
|
CVE-2024-7697
|
2024-09-7 03:04 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319659
|
8.8 |
HIGH
Local
|
freebsd
|
freebsd
|
The ctl_write_buffer and ctl_read_buffer functions allocated memory to be returned to userspace, without initializing it.
Malicious software running in a guest VM that exposes virtio_scsi can exploi…
|
CWE-909
Missing Initialization of Resource
|
CVE-2024-8178
|
2024-09-7 02:35 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319660
|
8.8 |
HIGH
Local
|
freebsd
|
freebsd
|
The function ctl_write_buffer incorrectly set a flag which resulted in a kernel Use-After-Free when a command finished processing.
Malicious software running in a guest VM that exposes virtio_scsi c…
|
CWE-416
Use After Free
|
CVE-2024-45063
|
2024-09-7 02:35 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
