Latest CVE Feed
- 6.7 MEDIUM CVE-2024-37976
  Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
  Affected Products: windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_21h2 windows_11_22h2 +7 more products
  - Published: Oct. 08, 2024
  - Modified: Oct. 16, 2024
- 8.8 HIGH
  - Published: Oct. 07, 2024
  - Modified: Oct. 16, 2024
- 8.8 HIGH
  - Published: Oct. 07, 2024
  - Modified: Oct. 16, 2024
- 5.5 MEDIUM CVE-2024-45382
  OpenHarmony v4.1.0 and prior versions allow a local attacker to cause DoS through an out-of-bounds write.
  Affected Products: openharmony
  - Published: Oct. 08, 2024
  - Modified: Oct. 16, 2024
- 7.8 HIGH CVE-2024-37982
  Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
  Affected Products: windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_21h2 windows_11_22h2 +7 more products
  - Published: Oct. 08, 2024
  - Modified: Oct. 16, 2024
- 5.5 MEDIUM CVE-2024-43697
  OpenHarmony v4.1.0 and prior versions allow a local attacker to cause DoS through improper input.
  Affected Products: openharmony
  - Published: Oct. 08, 2024
  - Modified: Oct. 16, 2024
- 7.8 HIGH CVE-2024-37979
  Windows Kernel Elevation of Privilege Vulnerability
  - Published: Oct. 08, 2024
  - Modified: Oct. 16, 2024
- 5.5 MEDIUM CVE-2024-43696
  OpenHarmony v4.1.0 and prior versions allow a local attacker to cause DoS through a memory leak.
  Affected Products: openharmony
  - Published: Oct. 08, 2024
  - Modified: Oct. 16, 2024
- 9.8 CRITICAL
  - Published: Oct. 07, 2024
  - Modified: Oct. 16, 2024
- 6.1 MEDIUM CVE-2024-38425
  Information disclosure while sending implicit broadcast containing APP launch information.
  Affected Products: wcd9380_firmware wsa8830_firmware wsa8835_firmware snapdragon_662_mobile_platform_firmware fastconnect_6900_firmware fastconnect_7800_firmware snapdragon_4_gen_1_mobile_platform_firmware snapdragon_480_5g_mobile_platform_firmware snapdragon_680_4g_mobile_platform_firmware snapdragon_695_5g_mobile_platform_firmware +38 more products
  - Published: Oct. 07, 2024
  - Modified: Oct. 16, 2024
- 9.8 CRITICAL
  - Published: Oct. 07, 2024
  - Modified: Oct. 16, 2024
- 8.4 HIGH CVE-2024-35520
  Netgear R7000 1.0.11.136 is vulnerable to Command Injection in RMT_invite.cgi via device_name2 parameter.
  - Published: Oct. 14, 2024
  - Modified: Oct. 16, 2024
- 8.2 HIGH CVE-2024-8977
  An issue has been discovered in GitLab EE affecting all versions starting from 15.10 prior to 17.2.9, from 17.3 prior to 17.3.5, and from 17.4 prior to 17.4.2. Instances with Product Analytics Dashboard configured and enabled could be vulnerable to SSRF a...
  Affected Products: gitlab
  - Published: Oct. 10, 2024
  - Modified: Oct. 16, 2024
- 5.3 MEDIUM CVE-2024-9596
  An issue has been discovered in GitLab EE affecting all versions starting from 16.6 prior to 17.2.9, from 17.3 prior to 17.3.5, and from 17.4 prior to 17.4.2. It was possible for an unauthenticated attacker to determine the GitLab version number for a Git...
  Affected Products: gitlab
  - Published: Oct. 10, 2024
  - Modified: Oct. 16, 2024
- 6.5 MEDIUM CVE-2024-9623
  An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows deploy keys to push to an archived repository.
  Affected Products: gitlab
  - Published: Oct. 10, 2024
  - Modified: Oct. 16, 2024
- 5.4 MEDIUM CVE-2024-48902
  In JetBrains YouTrack before 2024.3.46677 improper access control allowed users with project update permission to delete applications via API
  Affected Products: youtrack
  - Published: Oct. 10, 2024
  - Modified: Oct. 16, 2024
- 9.8 CRITICAL CVE-2024-9201
  The SEUR plugin, in its versions prior to 2.5.11, is vulnerable to time-based SQL injection through the use of the ‘id_order’ parameter of the ‘/modules/seur/ajax/saveCodFee.php’ endpoint.
  Affected Products: seur
  - Published: Oct. 10, 2024
  - Modified: Oct. 16, 2024
- 7.3 HIGH CVE-2024-6530
  A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 17.1 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2. When adding a authorizing an application, it can be made to rend...
  Affected Products: gitlab
  - Published: Oct. 10, 2024
  - Modified: Oct. 16, 2024
- 6.7 MEDIUM CVE-2024-39831
  OpenHarmony v4.1.0 allows a local attacker with high privileges to achieve arbitrary code execution in pre-installed apps through a use-after-free.
  Affected Products: openharmony
  - Published: Oct. 08, 2024
  - Modified: Oct. 16, 2024
- 5.5 MEDIUM CVE-2024-39806
  OpenHarmony v4.1.0 and prior versions allow a local attacker to cause an information leak through an out-of-bounds read.
  Affected Products: openharmony
  - Published: Oct. 08, 2024
  - Modified: Oct. 16, 2024