Latest CVE Feed
-
6.5
MEDIUMCVE-2024-45308
HedgeDoc is an open source, real-time, collaborative, markdown notes application. When using HedgeDoc 1 with MySQL or MariaDB, it is possible to create notes with an alias matching the ID of existing notes. The affected existing note can then not be acces... Read more
Affected Products : hedgedoc- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
2.5
LOWCVE-2024-45305
gix-path is a crate of the gitoxide project dealing with git paths and their conversions. `gix-path` executes `git` to find the path of a configuration file that belongs to the `git` installation itself, but mistakenly treats the local repository's config... Read more
Affected Products :- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
6.8
MEDIUMCVE-2024-33016
memory corruption when an invalid firehose patch command is invoked.... Read more
Affected Products : aqt1000_firmware qam8295p_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +287 more products- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
7.5
HIGHCVE-2024-23358
Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem.... Read more
Affected Products : wcn3980_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware wsa8835_firmware ar8035_firmware qca6584au_firmware qca6698aq_firmware qca8081_firmware qca8337_firmware +42 more products- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
8.4
HIGHCVE-2024-23365
Memory corruption while releasing shared resources in MinkSocket listener thread.... Read more
Affected Products : qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware qca6574_firmware qca6574a_firmware sa8540p_firmware sa9000p_firmware +17 more products- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
8.4
HIGHCVE-2024-33035
Memory corruption while calculating total metadata size when a very high reserved size is requested by gralloc clients.... Read more
Affected Products : qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware +74 more products- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
7.1
HIGHCVE-2024-23362
Cryptographic issue while parsing RSA keys in COBR format.... Read more
Affected Products : aqt1000_firmware qam8295p_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +195 more products- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
7.5
HIGHCVE-2024-23364
Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA).... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware +156 more products- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
8.2
HIGHCVE-2024-23359
Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sd855_firmware +126 more products- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
7.5
HIGHCVE-2024-5148
A flaw was found in the gnome-remote-desktop package. The gnome-remote-desktop system daemon performs inadequate validation of session agents using D-Bus methods related to transitioning a client connection from the login screen to the user session. As a ... Read more
Affected Products :- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
5.1
MEDIUMCVE-2024-8367
A vulnerability was found in HM Courts & Tribunals Service Probate Back Office up to c1afe0cdb2b2766d9e24872c4e827f8b82a6cd31. It has been classified as problematic. Affected is an unknown function of the file src/main/java/uk/gov/hmcts/probate/service/No... Read more
Affected Products :- Published: Sep. 01, 2024
- Modified: Sep. 03, 2024
-
6.6
MEDIUMCVE-2024-25562
Improper buffer restrictions in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access.... Read more
- Published: Aug. 14, 2024
- Modified: Aug. 31, 2024
-
3.3
LOWCVE-2024-24973
Improper input validation for some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access.... Read more
- Published: Aug. 14, 2024
- Modified: Aug. 31, 2024
-
7.8
HIGHCVE-2024-23495
Incorrect default permissions in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more
- Published: Aug. 14, 2024
- Modified: Aug. 31, 2024
-
7.3
HIGHCVE-2024-23491
Uncontrolled search path in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more
- Published: Aug. 14, 2024
- Modified: Aug. 31, 2024
-
7.5
HIGHCVE-2024-7651
The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to limited SQL Injection via the ‘app-builder-search’ parameter in all versions up to, and including, 4.2.6 due to insufficient escaping on the user suppli... Read more
Affected Products : app_builder- Published: Aug. 21, 2024
- Modified: Aug. 31, 2024
-
6.5
MEDIUMCVE-2024-7032
The Smart Online Order for Clover plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'moo_deactivateAndClean' function in all versions up to, and including, 1.5.6. This makes it possible for unauthenti... Read more
Affected Products : smart_online_order_for_clover- Published: Aug. 21, 2024
- Modified: Aug. 31, 2024
-
4.3
MEDIUMCVE-2024-7030
The Smart Online Order for Clover plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 1.5.6. This makes it possible for authenticated attacker... Read more
Affected Products : smart_online_order_for_clover- Published: Aug. 21, 2024
- Modified: Aug. 31, 2024
-
5.4
MEDIUMCVE-2024-42939
A cross-site scripting (XSS) vulnerability in the component /index/index.html of YZNCMS v1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the configured remarks text field.... Read more
Affected Products : yzncms- Published: Aug. 21, 2024
- Modified: Aug. 31, 2024
-
6.5
MEDIUMCVE-2024-42337
CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor... Read more
Affected Products : identity- Published: Aug. 25, 2024
- Modified: Aug. 30, 2024