Latest CVE Feed
-
6.8
MEDIUMCVE-2024-33016
memory corruption when an invalid firehose patch command is invoked.... Read more
Affected Products : aqt1000_firmware qam8295p_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +287 more products- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
8.4
HIGHCVE-2024-23365
Memory corruption while releasing shared resources in MinkSocket listener thread.... Read more
Affected Products : qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware qca6574_firmware qca6574a_firmware sa8540p_firmware sa9000p_firmware +17 more products- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
7.5
HIGHCVE-2024-23358
Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem.... Read more
Affected Products : wcn3980_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware wsa8835_firmware ar8035_firmware qca6584au_firmware qca6698aq_firmware qca8081_firmware qca8337_firmware +42 more products- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
2.5
LOWCVE-2024-45305
gix-path is a crate of the gitoxide project dealing with git paths and their conversions. `gix-path` executes `git` to find the path of a configuration file that belongs to the `git` installation itself, but mistakenly treats the local repository's config... Read more
Affected Products :- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
7.5
HIGHCVE-2024-5148
A flaw was found in the gnome-remote-desktop package. The gnome-remote-desktop system daemon performs inadequate validation of session agents using D-Bus methods related to transitioning a client connection from the login screen to the user session. As a ... Read more
Affected Products :- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
8.4
HIGHCVE-2024-33035
Memory corruption while calculating total metadata size when a very high reserved size is requested by gralloc clients.... Read more
Affected Products : qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware +74 more products- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
7.1
HIGHCVE-2024-23362
Cryptographic issue while parsing RSA keys in COBR format.... Read more
Affected Products : aqt1000_firmware qam8295p_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +195 more products- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
7.5
HIGHCVE-2024-23364
Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA).... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware +156 more products- Published: Sep. 02, 2024
- Modified: Sep. 03, 2024
-
6.6
MEDIUMCVE-2024-25562
Improper buffer restrictions in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access.... Read more
- Published: Aug. 14, 2024
- Modified: Aug. 31, 2024
-
3.3
LOWCVE-2024-24973
Improper input validation for some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable denial of service via local access.... Read more
- Published: Aug. 14, 2024
- Modified: Aug. 31, 2024
-
7.8
HIGHCVE-2024-23495
Incorrect default permissions in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more
- Published: Aug. 14, 2024
- Modified: Aug. 31, 2024
-
7.3
HIGHCVE-2024-23491
Uncontrolled search path in some Intel(R) Distribution for GDB software before version 2024.0.1 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more
- Published: Aug. 14, 2024
- Modified: Aug. 31, 2024
-
7.5
HIGHCVE-2024-7651
The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to limited SQL Injection via the ‘app-builder-search’ parameter in all versions up to, and including, 4.2.6 due to insufficient escaping on the user suppli... Read more
Affected Products : app_builder- Published: Aug. 21, 2024
- Modified: Aug. 31, 2024
-
6.5
MEDIUMCVE-2024-7032
The Smart Online Order for Clover plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'moo_deactivateAndClean' function in all versions up to, and including, 1.5.6. This makes it possible for unauthenti... Read more
Affected Products : smart_online_order_for_clover- Published: Aug. 21, 2024
- Modified: Aug. 31, 2024
-
4.3
MEDIUMCVE-2024-7030
The Smart Online Order for Clover plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 1.5.6. This makes it possible for authenticated attacker... Read more
Affected Products : smart_online_order_for_clover- Published: Aug. 21, 2024
- Modified: Aug. 31, 2024
-
5.4
MEDIUMCVE-2024-42939
A cross-site scripting (XSS) vulnerability in the component /index/index.html of YZNCMS v1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the configured remarks text field.... Read more
Affected Products : yzncms- Published: Aug. 21, 2024
- Modified: Aug. 31, 2024
-
6.5
MEDIUMCVE-2024-42337
CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor... Read more
Affected Products : identity- Published: Aug. 25, 2024
- Modified: Aug. 30, 2024
-
4.3
MEDIUMCVE-2024-42338
CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor... Read more
Affected Products : identity- Published: Aug. 25, 2024
- Modified: Aug. 30, 2024
-
8.3
HIGHCVE-2024-42340
CyberArk - CWE-602: Client-Side Enforcement of Server-Side Security... Read more
Affected Products : identity- Published: Aug. 25, 2024
- Modified: Aug. 30, 2024
-
4.3
MEDIUMCVE-2024-42339
CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor... Read more
Affected Products : identity- Published: Aug. 25, 2024
- Modified: Aug. 30, 2024