Latest CVE Feed
-
2.2
LOWCVE-2024-21243
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network acces... Read more
- Published: Oct. 15, 2024
- Modified: Oct. 16, 2024
-
7.5
HIGHCVE-2024-49193
Zendesk before 2024-07-02 allows remote attackers to read ticket history via e-mail spoofing, because Cc fields are extracted from incoming e-mail messages and used to grant additional authorization for ticket viewing, the mechanism for detecting spoofed ... Read more
Affected Products :- Published: Oct. 12, 2024
- Modified: Oct. 16, 2024
-
5.3
MEDIUMCVE-2024-48795
An issue in Creative Labs Pte Ltd com.creative.apps.xficonnect 2.00.02 allows a remote attacker to obtain sensitive information via the firmware update process.... Read more
Affected Products :- Published: Oct. 14, 2024
- Modified: Oct. 16, 2024
-
6.6
MEDIUMCVE-2024-41997
An issue was discovered in version of Warp Terminal prior to 2024.07.18 (v0.2024.07.16.08.02). A command injection vulnerability exists in the Docker integration functionality. An attacker can create a specially crafted hyperlink using the `warp://action/... Read more
Affected Products :- Published: Oct. 14, 2024
- Modified: Oct. 16, 2024
-
2.2
LOWCVE-2024-21244
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Telemetry). Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network acces... Read more
- Published: Oct. 15, 2024
- Modified: Oct. 16, 2024
-
6.7
MEDIUMCVE-2024-23370
Memory corruption when a process invokes IOCTL calls from user-space to create a HAB virtual channel and another process invokes IOCTL calls to destroy the same.... Read more
Affected Products : sw5100_firmware sw5100p_firmware wcn3980_firmware wcn3988_firmware wsa8830_firmware wsa8835_firmware qca6584au_firmware qca6698aq_firmware qca9377_firmware qca9367_firmware +12 more products- Published: Oct. 07, 2024
- Modified: Oct. 16, 2024
-
6.7
MEDIUMCVE-2024-23374
Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file.... Read more
Affected Products : qca6574au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware sa8195p_firmware sw5100_firmware +42 more products- Published: Oct. 07, 2024
- Modified: Oct. 16, 2024
-
6.7
MEDIUMCVE-2024-23375
Memory corruption during the network scan request.... Read more
Affected Products : sa6155p_firmware sa8155p_firmware sa8195p_firmware sw5100_firmware sw5100p_firmware wcn3980_firmware wcn3988_firmware wsa8830_firmware wsa8835_firmware sa4150p_firmware +18 more products- Published: Oct. 07, 2024
- Modified: Oct. 16, 2024
-
4.3
MEDIUMCVE-2024-43780
Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.0, 9.8.x <= 9.8.2 fail to enforce permissions which allows a guest user with read access to upload files to a channel.... Read more
- Published: Aug. 22, 2024
- Modified: Oct. 16, 2024
-
6.7
MEDIUMCVE-2024-23376
Memory corruption while sending the persist buffer command packet from the user-space to the kernel space through the IOCTL call.... Read more
Affected Products : qca6574au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware sa8195p_firmware sw5100_firmware +32 more products- Published: Oct. 07, 2024
- Modified: Oct. 16, 2024
-
6.0
MEDIUMCVE-2024-42497
Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2 fail to properly enforce permissions which allows a user with systems manager role with read-only access to teams to perform write operations on teams.... Read more
- Published: Aug. 22, 2024
- Modified: Oct. 16, 2024
-
9.0
HIGHCVE-2024-8231
A vulnerability classified as critical has been found in Tenda O6 1.0.0.7(2054). Affected is the function fromVirtualSet of the file /goform/setPortForward. The manipulation of the argument ip/localPort/publicPort/app leads to stack-based buffer overflow.... Read more
- Published: Aug. 28, 2024
- Modified: Oct. 16, 2024
-
6.7
MEDIUMCVE-2024-23378
Memory corruption while invoking IOCTL calls for MSM module from the user space during audio playback and record.... Read more
Affected Products : qca6584au_firmware qca6698aq_firmware sa9000p_firmware qam8255p_firmware sa8255p_firmware qam8650p_firmware qam8775p_firmware qca6584au sa8770p_firmware sa8775p_firmware +26 more products- Published: Oct. 07, 2024
- Modified: Oct. 16, 2024
-
6.7
MEDIUMCVE-2024-23379
Memory corruption while unmapping the fastrpc map when two threads can free the same map in concurrent scenario.... Read more
Affected Products : wcd9341_firmware wcd9380_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware wsa8835_firmware qca6310_firmware qca6584au_firmware qca6698aq_firmware wcd9335_firmware +58 more products- Published: Oct. 07, 2024
- Modified: Oct. 16, 2024
-
7.7
HIGHCVE-2024-45290
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. It's possible for an attacker to construct an XLSX file which links media from external URLs. When opening the XLSX file, PhpSpreadsheet retrieves the image size and type by r... Read more
- Published: Oct. 07, 2024
- Modified: Oct. 16, 2024
-
8.2
HIGHCVE-2024-33064
Information disclosure while parsing the multiple MBSSID IEs from the beacon.... Read more
- Published: Oct. 07, 2024
- Modified: Oct. 16, 2024
-
9.8
CRITICALCVE-2024-33066
Memory corruption while redirecting log file to any file location with any file name.... Read more
- Published: Oct. 07, 2024
- Modified: Oct. 16, 2024
-
7.5
HIGHCVE-2024-33069
Transient DOS when transmission of management frame sent by host is not successful and error status is received in the host.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa8295p_firmware sw5100_firmware sw5100p_firmware +78 more products- Published: Oct. 07, 2024
- Modified: Oct. 16, 2024
-
7.5
HIGHCVE-2024-33070
Transient DOS while parsing ESP IE from beacon/probe response frame.... Read more
- Published: Oct. 07, 2024
- Modified: Oct. 16, 2024
-
7.5
HIGHCVE-2024-33071
Transient DOS while parsing the MBSSID IE from the beacons when IE length is 0.... Read more
- Published: Oct. 07, 2024
- Modified: Oct. 16, 2024