Vulnerability Media Exposure
These listed vulnerabilities have been referenced across multiple public sources, indicating high media attention and potential significance.
CVE-2024-29847
SeverityCRITICALDeserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution.
ivanti:endpoint_managerCVE-2024-45694
SeverityCRITICALThe web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
CVE-2024-45695
SeverityCRITICALThe web service of certain models of D-Link wireless routers contains a Stack-based Buffer Overflow vulnerability, which allows unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
CVE-2024-8190
SeverityHIGHAn OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows a remote authenticated attacker to obtain remote code execution. The attacker must have admin level privileges to exploit this vulnerability.
ivanti:cloud_services_applianceCVE-2024-28991
SeverityHIGHSolarWinds Access Rights Manager (ARM) was found to be susceptible to a remote code execution vulnerability. If exploited, this vulnerability would allow an authenticated user to abuse the service, resulting in remote code execution.
solarwinds:access_rights_managerCVE-2024-28990
SeverityCRITICALSolarWinds Access Rights Manager (ARM) was found to contain a hard-coded credential authentication bypass vulnerability. If exploited, this vulnerability would allow access to the RabbitMQ management console. We thank Trend Micro Zero Day Initiative (ZDI) for its ongoing partnership in coordinating with SolarWinds on responsible disclosure of this and other potential vulnerabilities.
solarwinds:access_rights_managerCVE-2024-6678
SeverityCRITICALAn issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7, starting from 17.2 prior to 17.2.5, and starting from 17.3 prior to 17.3.2, which allows an attacker to trigger a pipeline as an arbitrary user under certain circumstances.
CVE-2024-45697
SeverityCRITICALCertain models of D-Link wireless routers have a hidden functionality where the telnet service is enabled when the WAN port is plugged in. Unauthorized remote attackers can log in and execute OS commands using hard-coded credentials.
CVE-2024-6670
SeverityCRITICALIn WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password.
progress:whatsup_goldCVE-2024-6671
SeverityCRITICALIn WhatsUp Gold versions released before 2024.0.0, if the application is configured with only a single user, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password.
progress:whatsup_goldCVE-2024-38112
SeverityHIGHWindows MSHTML Platform Spoofing Vulnerability
microsoft:windows_10_1507microsoft:windows_10_1607microsoft:windows_10_1809microsoft:windows_10_21h2microsoft:windows_10_22h2microsoft:windows_11_21h2microsoft:windows_11_22h2microsoft:windows_11_23h2microsoft:windows_server_2008microsoft:windows_server_2016microsoft:windows_server_2019microsoft:windows_server_2022microsoft:windows_server_2022_23h2CVE-2024-43461
SeverityHIGHWindows MSHTML Platform Spoofing Vulnerability
microsoft:windows_10_1507microsoft:windows_10_1607microsoft:windows_10_1809microsoft:windows_10_21h2microsoft:windows_10_22h2microsoft:windows_11_21h2microsoft:windows_11_22h2microsoft:windows_11_23h2microsoft:windows_11_24h2microsoft:windows_server_2008microsoft:windows_server_2012microsoft:windows_server_2016microsoft:windows_server_2019microsoft:windows_server_2022microsoft:windows_server_2022_23h2CVE-2024-21690
SeverityHIGHThis High severity Reflected XSS and CSRF (Cross-Site Request Forgery) vulnerability was introduced in versions 7.19.0, 7.20.0, 8.0.0, 8.1.0, 8.2.0, 8.3.0, 8.4.0, 8.5.0, 8.6.0, 8.7.1, 8.8.0, and 8.9.0 of Confluence Data Center and Server. This Reflected XSS and CSRF (Cross-Site Request Forgery) vulnerability, with a CVSS Score of 7.1, allows an unauthenticated attacker to execute arbitrary HTML or JavaScript code on a victims browser and force a end user to execute unwanted actions on a web application in which they're currently authenticated which has high impact to confidentiality, low impact to integrity, no impact to availability, and requires user interaction. Atlassian recommends that Confluence Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: * Confluence Data Center and Server 7.19: Upgrade to a release greater than or equal to 7.19.26 * Confluence Data Center and Server 8.5: Upgrade to a release greater than or equal to 8.5.14 * Confluence Data Center and Server 9.0: Upgrade to a release greater than or equal to 9.0.1 See the release notes (https://confluence.atlassian.com/doc/confluence-release-notes-327.html). You can download the latest version of Confluence Data Center and Server from the download center (https://www.atlassian.com/software/confluence/download-archives). This vulnerability was reported via our Bug Bounty program.
CVE-2024-34750
SeverityHIGHImproper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn led to the use of an incorrect infinite timeout which allowed connections to remain open which should have been closed. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.0-M1 through 9.0.89. Users are recommended to upgrade to version 11.0.0-M21, 10.1.25 or 9.0.90, which fixes the issue.
CVE-2024-29857
SeverityHIGHAn issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.
CVE-2024-45678
SeverityMEDIUMYubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack (that requires physical access and expensive equipment) in which an electromagnetic side channel is present because of a non-constant-time modular inversion for the Extended Euclidean Algorithm, aka the EUCLEAK issue. Other uses of an Infineon cryptographic library may also be affected.
yubico:yubikey_5c_nfc_firmwareyubico:yubikey_5_nfc_firmwareyubico:yubikey_5c_firmwareyubico:yubikey_5_nano_firmwareyubico:yubikey_5c_nano_firmwareyubico:yubikey_5ci_firmwareyubico:yubikey_5_nfc_fips_firmwareyubico:yubikey_5c_nfc_fips_firmwareyubico:yubikey_5c_fips_firmwareyubico:yubikey_5_nano_fips_firmwareyubico:yubikey_5c_nano_fips_firmwareyubico:yubikey_5ci_fips_firmwareyubico:yubikey_c_bio_firmwareyubico:yubikey_bio_firmwareyubico:security_key_nfc_by_yubico_firmwareyubico:security_key_c_nfc_by_yubico_firmwareyubico:yubihsm_2_fips_firmwareyubico:yubihsm_2_firmwareCVE-2024-5435
SeverityMEDIUMAn issue has been discovered discovered in GitLab EE/CE affecting all versions starting from 15.10 before 17.1.7, all versions starting from 17.2 before 17.2.5, all versions starting from 17.3 before 17.3.2 will disclose user password from repository mirror configuration.
gitlab:gitlabCVE-2024-37080
SeverityCRITICALvCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.
vmware:vcenter_serverCVE-2024-6389
SeverityMEDIUMAn issue was discovered in GitLab-CE/EE affecting all versions starting with 17.0 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. An attacker as a guest user was able to access commit information via the release Atom endpoint, contrary to permissions.
gitlab:gitlabCVE-2024-37079
SeverityCRITICALvCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.
vmware:vcenter_serverCVE-2024-5760
SeverityHIGHThe Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of privilege allowing the creation of a reverse shell in the tool. This is only applicable for products in the application released or manufactured before 2018.
samsung:universal_print_driverCVE-2024-3367
SeverityMEDIUMArgument injection in websphere_mq agent plugin in Checkmk 2.0.0, 2.1.0, <2.2.0p26 and <2.3.0b5 allows local attacker to inject one argument to runmqsc
CVE-2024-33656
SeverityHIGHThe DXE module SmmComputrace contains a vulnerability that allows local attackers to leak stack or global memory. This could lead to privilege escalation, arbitrary code execution, and bypassing OS security mechanisms
CVE-2024-6685
SeverityLOWAn issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 17.1.7, 17.2 prior to 17.2.5, and 17.3 prior to 17.3.2, where group runners information was disclosed to unauthorised group members.
CVE-2024-6446
SeverityLOWAn issue has been discovered in GitLab affecting all versions starting from 17.1 to 17.1.7, 17.2 prior to 17.2.5 and 17.3 prior to 17.3.2. A crafted URL could be used to trick a victim to trust an attacker controlled application.
gitlab:gitlabCVE-2024-21687
SeverityHIGHThis High severity File Inclusion vulnerability was introduced in versions 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0 and 9.6.0 of Bamboo Data Center and Server. This File Inclusion vulnerability, with a CVSS Score of 8.1, allows an authenticated attacker to get the application to display the contents of a local file, or execute a different files already stored locally on the server which has high impact to confidentiality, high impact to integrity, no impact to availability, and requires no user interaction. Atlassian recommends that Bamboo Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions listed on this CVE See the release notes (https://confluence.atlassian.com/bambooreleases/bamboo-release-notes-1189793869.html). You can download the latest version of Bamboo Data Center and Server from the download center (https://www.atlassian.com/software/bamboo/download-archives). This vulnerability was reported via our Bug Bounty program.
CVE-2024-38014
SeverityHIGHWindows Installer Elevation of Privilege Vulnerability
microsoft:windows_10_1507microsoft:windows_10_1607microsoft:windows_10_1809microsoft:windows_10_21h2microsoft:windows_10_22h2microsoft:windows_11_21h2microsoft:windows_11_22h2microsoft:windows_11_23h2microsoft:windows_11_24h2microsoft:windows_server_2008microsoft:windows_server_2012microsoft:windows_server_2016microsoft:windows_server_2019microsoft:windows_server_2022microsoft:windows_server_2022_23h2CVE-2024-38217
SeverityMEDIUMWindows Mark of the Web Security Feature Bypass Vulnerability
microsoft:windows_10_1507microsoft:windows_10_1607microsoft:windows_10_1809microsoft:windows_10_21h2microsoft:windows_10_22h2microsoft:windows_11_21h2microsoft:windows_11_22h2microsoft:windows_11_23h2microsoft:windows_11_24h2microsoft:windows_server_2008microsoft:windows_server_2012microsoft:windows_server_2016microsoft:windows_server_2019microsoft:windows_server_2022microsoft:windows_server_2022_23h2CVE-2024-38226
SeverityHIGHMicrosoft Publisher Security Feature Bypass Vulnerability
CVE-2024-43491
SeverityCRITICALMicrosoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 (initial version released July 2015). This means that an attacker could exploit these previously mitigated vulnerabilities on Windows 10, version 1507 (Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB) systems that have installed the Windows security update released on March 12, 2024—KB5035858 (OS Build 10240.20526) or other updates released until August 2024. All later versions of Windows 10 are not impacted by this vulnerability. This servicing stack vulnerability is addressed by installing the September 2024 Servicing stack update (SSU KB5043936) AND the September 2024 Windows security update (KB5043083), in that order. Note: Windows 10, version 1507 reached the end of support (EOS) on May 9, 2017 for devices running the Pro, Home, Enterprise, Education, and Enterprise IoT editions. Only Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB editions are still under support.
microsoft:windows_10_1507CVE-2024-32840
SeverityHIGHAn unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.
ivanti:endpoint_managerCVE-2024-32842
SeverityHIGHAn unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.
ivanti:endpoint_managerCVE-2024-32843
SeverityHIGHAn unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.
ivanti:endpoint_managerCVE-2024-32845
SeverityHIGHAn unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.
ivanti:endpoint_managerCVE-2024-32846
SeverityHIGHAn unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.
ivanti:endpoint_managerCVE-2024-32848
SeverityHIGHAn unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.
ivanti:endpoint_managerCVE-2024-34779
SeverityHIGHAn unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.
ivanti:endpoint_managerCVE-2024-34783
SeverityHIGHAn unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.
ivanti:endpoint_managerCVE-2024-34785
SeverityHIGHAn unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution.
ivanti:endpoint_managerCVE-2024-6342
SeverityCRITICAL**UNSUPPORTED WHEN ASSIGNED** A command injection vulnerability in the export-cgi program of Zyxel NAS326 firmware versions through V5.21(AAZF.18)C0 and NAS542 firmware versions through V5.21(ABAG.15)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted HTTP POST request.
CVE-2024-24919
SeverityHIGHPotentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
checkpoint:quantum_security_gateway_firmwarecheckpoint:cloudguard_network_securitycheckpoint:quantum_spark_firmwareCVE-2024-39717
SeverityHIGHThe Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin. (Tenant level users do not have this privilege). The “Change Favicon” (Favorite Icon) option can be mis-used to upload a malicious file ending with .png extension to masquerade as image file. This is possible only after a user with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin has successfully authenticated and logged in.
versa-networks:versa_directorCVE-2024-40766
SeverityCRITICALAn improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.
sonicwall:sonicosCVE-2024-20398
SeverityHIGHA vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to root.
CVE-2024-20304
SeverityHIGHA vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust the UDP packet memory of an affected device. This vulnerability exists because the Mtrace2 code does not properly handle packet memory. An attacker could exploit this vulnerability by sending crafted packets to an affected device. A successful exploit could allow the attacker to exhaust the incoming UDP packet memory. The affected device would not be able to process higher-level UDP-based protocols packets, possibly causing a denial of service (DoS) condition. Note: This vulnerability can be exploited using IPv4 or IPv6.
CVE-2024-20381
SeverityHIGHA vulnerability in the JSON-RPC API feature in ConfD that is used by the web-based management interfaces of Cisco Crosswork Network Services Orchestrator (NSO), Cisco Optical Site Manager, and Cisco RV340 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to modify the configuration of an affected application or device. This vulnerability is due to improper authorization checks on the API. An attacker with privileges sufficient to access the affected application or device could exploit this vulnerability by sending malicious requests to the JSON-RPC API. A successful exploit could allow the attacker to make unauthorized modifications to the configuration of the affected application or device, including creating new user accounts or elevating their own privileges on an affected system.
CVE-2024-20483
SeverityHIGHMultiple vulnerabilities in Cisco Routed PON Controller Software, which runs as a docker container on hardware that is supported by Cisco IOS XR Software, could allow an authenticated, remote attacker with Administrator-level privileges on the PON Manager or direct access to the PON Manager MongoDB instance to perform command injection attacks on the PON Controller container and execute arbitrary commands as root. These vulnerabilities are due to insufficient validation of arguments that are passed to specific configuration commands. An attacker could exploit these vulnerabilities by including crafted input as the argument of an affected configuration command. A successful exploit could allow the attacker to execute arbitrary commands as root on the PON controller.
CVE-2024-20489
SeverityHIGHA vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with low privileges to obtain the MongoDB credentials. This vulnerability is due to improper storage of the unencrypted database credentials on the device that is running Cisco IOS XR Software. An attacker could exploit this vulnerability by accessing the configuration files on an affected system. A successful exploit could allow the attacker to view MongoDB credentials.
CVE-2024-20317
SeverityHIGHA vulnerability in the handling of specific Ethernet frames by Cisco IOS XR Software for various Cisco Network Convergence System (NCS) platforms could allow an unauthenticated, adjacent attacker to cause critical priority packets to be dropped, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect classification of certain types of Ethernet frames that are received on an interface. An attacker could exploit this vulnerability by sending specific types of Ethernet frames to or through the affected device. A successful exploit could allow the attacker to cause control plane protocol relationships to fail, resulting in a DoS condition. For more information, see the section of this advisory. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
CVE-2024-20406
SeverityHIGHA vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of ingress IS-IS packets. An attacker could exploit this vulnerability by sending specific IS-IS packets to an affected device after forming an adjacency. A successful exploit could allow the attacker to cause the IS-IS process on all affected devices that are participating in the Flexible Algorithm to crash and restart, resulting in a DoS condition. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and must have formed an adjacency. This vulnerability affects segment routing for IS-IS over IPv4 and IPv6 control planes as well as devices that are configured as level 1, level 2, or multi-level routing IS-IS type.
CVE-2024-20343
SeverityMEDIUMA vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to read any file in the file system of the underlying Linux operating system. The attacker must have valid credentials on the affected device. This vulnerability is due to incorrect validation of the arguments that are passed to a specific CLI command. An attacker could exploit this vulnerability by logging in to an affected device with low-privileged credentials and using the affected command. A successful exploit could allow the attacker access files in read-only mode on the Linux file system.
CVE-2024-20390
SeverityMEDIUMA vulnerability in the Dedicated XML Agent feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on XML TCP listen port 38751. This vulnerability is due to a lack of proper error validation of ingress XML packets. An attacker could exploit this vulnerability by sending a sustained, crafted stream of XML traffic to a targeted device. A successful exploit could allow the attacker to cause XML TCP port 38751 to become unreachable while the attack traffic persists.
CVE-2024-27132
SeverityHIGHInsufficient sanitization in MLflow leads to XSS when running an untrusted recipe. This issue leads to a client-side RCE when running an untrusted recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over template variables.
CVE-2024-8640
SeverityHIGHAn issue has been discovered in GitLab EE affecting all versions starting from 16.11 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. Due to incomplete input filtering, it was possible to inject commands into a connected Cube server.
gitlab:gitlabCVE-2024-8124
SeverityHIGHAn issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.1.7, starting from 17.2 prior to 17.2.5, starting from 17.3 prior to 17.3.2 which could cause Denial of Service via sending a large `glm_source` parameter.
gitlab:gitlabCVE-2024-5655
SeverityHIGHAn issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker to trigger a pipeline as another user under certain circumstances.
gitlab:gitlabCVE-2024-6385
SeverityCRITICALAn issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows an attacker to trigger a pipeline as another user under certain circumstances.
gitlab:gitlabCVE-2024-33051
SeverityHIGHTransient DOS while processing TIM IE from beacon frame as there is no check for IE length.
qualcomm:315_5g_iot_firmwarequalcomm:9206_lte_firmwarequalcomm:apq8017_firmwarequalcomm:aqt1000_firmwarequalcomm:ar8031_firmwarequalcomm:ar8035_firmwarequalcomm:csra6620_firmwarequalcomm:csra6640_firmwarequalcomm:csrb31024_firmwarequalcomm:fastconnect_6200_firmwarequalcomm:fastconnect_6700_firmwarequalcomm:fastconnect_6800_firmwarequalcomm:fastconnect_6900_firmwarequalcomm:fastconnect_7800_firmwarequalcomm:flight_rb5_5g_firmwarequalcomm:home_hub_100_firmwarequalcomm:mdm8215_firmwarequalcomm:mdm9215_firmwarequalcomm:mdm9250_firmwarequalcomm:mdm9310_firmwarequalcomm:mdm9615_firmwarequalcomm:mdm9628_firmwarequalcomm:mdm9640_firmwarequalcomm:mdm9645_firmwarequalcomm:mdm9650_firmwarequalcomm:msm8996au_firmwarequalcomm:qam8255p_firmwarequalcomm:qam8295p_firmwarequalcomm:qam8620p_firmwarequalcomm:qam8650p_firmwarequalcomm:qam8775p_firmwarequalcomm:qamsrv1h_firmwarequalcomm:qamsrv1m_firmwarequalcomm:qca1062_firmwarequalcomm:qca1064_firmwarequalcomm:qca2062_firmwarequalcomm:qca2064_firmwarequalcomm:qca2065_firmwarequalcomm:qca2066_firmwarequalcomm:qca6174_firmwarequalcomm:qca6174a_firmwarequalcomm:qca6175a_firmwarequalcomm:qca6310_firmwarequalcomm:qca6320_firmwarequalcomm:qca6335_firmwarequalcomm:qca6391_firmwarequalcomm:qca6420_firmwarequalcomm:qca6421_firmwarequalcomm:qca6426_firmwarequalcomm:qca6430_firmwarequalcomm:qca6431_firmwarequalcomm:qca6436_firmwarequalcomm:qca6554a_firmwarequalcomm:qca6564_firmwarequalcomm:qca6564a_firmwarequalcomm:qca6564au_firmwarequalcomm:qca6574_firmwarequalcomm:qca6574a_firmwarequalcomm:qca6574au_firmwarequalcomm:qca6584_firmwarequalcomm:qca6584au_firmwarequalcomm:qca6595_firmwarequalcomm:qca6595au_firmwarequalcomm:qca6678aq_firmwarequalcomm:qca6688aq_firmwarequalcomm:qca6696_firmwarequalcomm:qca6698aq_firmwarequalcomm:qca6797aq_firmwarequalcomm:qca8081_firmwarequalcomm:qca8337_firmwarequalcomm:qca9367_firmwarequalcomm:qca9377_firmwarequalcomm:qca9378_firmwarequalcomm:qca9379_firmwarequalcomm:qca9984_firmwarequalcomm:qcc2073_firmwarequalcomm:qcc2076_firmwarequalcomm:qcc710_firmwarequalcomm:qcm2290_firmwarequalcomm:qcm4290_firmwarequalcomm:qcm4325_firmwarequalcomm:qcm4490_firmwarequalcomm:qcm5430_firmwarequalcomm:qcm6125_firmwarequalcomm:qcm6490_firmwarequalcomm:qcm8550_firmwarequalcomm:qcn6024_firmwarequalcomm:qcn6224_firmwarequalcomm:qcn6274_firmwarequalcomm:qcn7605_firmwarequalcomm:qcn7606_firmwarequalcomm:qcn9011_firmwarequalcomm:qcn9012_firmwarequalcomm:qcn9024_firmwarequalcomm:qcn9074_firmwarequalcomm:qcs2290_firmwarequalcomm:qcs410_firmwarequalcomm:qcs4290_firmwarequalcomm:qcs4490_firmwarequalcomm:qcs5430_firmwarequalcomm:qcs610_firmwarequalcomm:qcs6125_firmwarequalcomm:qcs6490_firmwarequalcomm:qcs7230_firmwarequalcomm:qcs8250_firmwarequalcomm:qcs8550_firmwarequalcomm:qep8111_firmwarequalcomm:qfw7114_firmwarequalcomm:qfw7124_firmwarequalcomm:qrb5165m_firmwarequalcomm:qrb5165n_firmwarequalcomm:qsm8250_firmwarequalcomm:qsm8350_firmwarequalcomm:video_collaboration_vc1_firmwarequalcomm:video_collaboration_vc3_firmwarequalcomm:video_collaboration_vc5_firmwarequalcomm:robotics_rb3_firmwarequalcomm:robotics_rb5_firmwarequalcomm:sa4150p_firmwarequalcomm:sa4155p_firmwarequalcomm:sa6145p_firmwarequalcomm:sa6150p_firmwarequalcomm:sa6155_firmwarequalcomm:sa6155p_firmwarequalcomm:sa7255p_firmwarequalcomm:sa7775p_firmwarequalcomm:sa8145p_firmwarequalcomm:sa8150p_firmwarequalcomm:sa8155_firmwarequalcomm:sa8155p_firmwarequalcomm:sa8195p_firmwarequalcomm:sa8255p_firmwarequalcomm:sa8295p_firmwarequalcomm:sa8620p_firmwarequalcomm:sa8650p_firmwarequalcomm:sa8770p_firmwarequalcomm:sa8775p_firmwarequalcomm:sa9000p_firmwarequalcomm:sc8180x_firmwarequalcomm:sdx55_firmwarequalcomm:sc8380xp_firmwarequalcomm:sd_455_firmwarequalcomm:sd_675_firmwarequalcomm:sd_8_gen1_5g_firmwarequalcomm:sd_8cx_firmwarequalcomm:sd460_firmwarequalcomm:sd660_firmwarequalcomm:sd662_firmwarequalcomm:sd670_firmwarequalcomm:sd675_firmwarequalcomm:sd730_firmwarequalcomm:sd835_firmwarequalcomm:sd855_firmwarequalcomm:sd865_5g_firmwarequalcomm:sd888_firmwarequalcomm:sdx20m_firmwarequalcomm:sdx61_firmwarequalcomm:sg4150p_firmwarequalcomm:sm4125_firmwarequalcomm:sm6250_firmwarequalcomm:sm6250p_firmwarequalcomm:sm6370_firmwarequalcomm:sm7250p_firmwarequalcomm:sm7315_firmwarequalcomm:sm7325p_firmwarequalcomm:sm8550p_firmwarequalcomm:sm8635_firmwarequalcomm:smart_audio_200_firmwarequalcomm:smart_audio_400_firmwarequalcomm:snapdragon_1200_wearable_firmwarequalcomm:snapdragon_4_gen_1_firmwarequalcomm:snapdragon_4_gen_2_firmwarequalcomm:snapdragon_460_firmwarequalcomm:snapdragon_480_5g_firmwarequalcomm:snapdragon_480\+_5g_firmwarequalcomm:snapdragon_630_firmwarequalcomm:snapdragon_636_firmwarequalcomm:snapdragon_660_firmwarequalcomm:snapdragon_662_firmwarequalcomm:snapdragon_665_firmwarequalcomm:snapdragon_670_firmwarequalcomm:snapdragon_675_firmwarequalcomm:snapdragon_678_firmwarequalcomm:snapdragon_680_4g_firmwarequalcomm:snapdragon_685_4g_firmwarequalcomm:snapdragon_690_5g_firmwarequalcomm:snapdragon_695_5g_firmwarequalcomm:snapdragon_710_firmwarequalcomm:snapdragon_712_firmwarequalcomm:snapdragon_720g_firmwarequalcomm:snapdragon_730_firmwarequalcomm:snapdragon_730g_firmwarequalcomm:snapdragon_732g_firmwarequalcomm:snapdragon_750g_5g_firmwarequalcomm:snapdragon_765_5g_firmwarequalcomm:snapdragon_765g_5g_firmwarequalcomm:snapdragon_768g_5g_firmwarequalcomm:snapdragon_778g_5g_firmwarequalcomm:snapdragon_778g\+_5g_firmwarequalcomm:snapdragon_780g_5g_firmwarequalcomm:snapdragon_782g_firmwarequalcomm:snapdragon_7c_compute_firmwarequalcomm:snapdragon_7c_gen_2_compute_firmwarequalcomm:snapdragon_7c\+_gen_3_compute_firmwarequalcomm:snapdragon_8_gen_1_firmwarequalcomm:snapdragon_8_gen_2_firmwarequalcomm:snapdragon_8_gen_3_firmwarequalcomm:snapdragon_8\+_gen_1_firmwarequalcomm:snapdragon_8\+_gen_2_firmwarequalcomm:snapdragon_820_automotive_firmwarequalcomm:snapdragon_835_pc_firmwarequalcomm:snapdragon_845_firmwarequalcomm:snapdragon_850_compute_firmwarequalcomm:snapdragon_855_firmwarequalcomm:snapdragon_855\+_firmwarequalcomm:snapdragon_860_firmwarequalcomm:snapdragon_865_5g_firmwarequalcomm:snapdragon_865\+_5g_firmwarequalcomm:snapdragon_870_5g_firmwarequalcomm:snapdragon_888_5g_firmwarequalcomm:snapdragon_888\+_5g_firmwarequalcomm:snapdragon_8c_compute_firmwarequalcomm:snapdragon_8cx_compute_firmwarequalcomm:snapdragon_8cx_gen_2_5g_compute_firmwarequalcomm:snapdragon_8cx_gen_3_compute_firmwarequalcomm:snapdragon_ar2_gen_1_firmwarequalcomm:snapdragon_auto_5g-rf_firmwarequalcomm:snapdragon_auto_5g-rf_gen_2_firmwarequalcomm:snapdragon_w5\+_gen_1_wearable_firmwarequalcomm:snapdragon_x12_lte_firmwarequalcomm:snapdragon_x35_5g-rf_system_firmwarequalcomm:snapdragon_x5_lte_firmwarequalcomm:snapdragon_x50_5g-rf_system_firmwarequalcomm:snapdragon_x55_5g-rf_system_firmwarequalcomm:snapdragon_x62_5g-rf_system_firmwarequalcomm:snapdragon_x65_5g-rf_system_firmwarequalcomm:snapdragon_x72_5g-rf_system_firmwarequalcomm:snapdragon_x75_5g-rf_system_firmwarequalcomm:snapdragon_xr1_firmwarequalcomm:snapdragon_xr2_5g_firmwarequalcomm:snapdragon_xr2\+_gen_1_firmwarequalcomm:snapdragon_auto_4g_firmwarequalcomm:srv1h_firmwarequalcomm:srv1l_firmwarequalcomm:srv1m_firmwarequalcomm:ssg2115p_firmwarequalcomm:ssg2125p_firmwarequalcomm:sw5100_firmwarequalcomm:sw5100p_firmwarequalcomm:sxr1120_firmwarequalcomm:sxr1230p_firmwarequalcomm:sxr2130_firmwarequalcomm:sxr2230p_firmwarequalcomm:sxr2250p_firmwarequalcomm:vision_intelligence_300_firmwarequalcomm:vision_intelligence_400_firmwarequalcomm:wcd9326_firmwarequalcomm:wcd9330_firmwarequalcomm:wcd9335_firmwarequalcomm:wcd9340_firmwarequalcomm:wcd9341_firmwarequalcomm:wcd9360_firmwarequalcomm:wcd9370_firmwarequalcomm:wcd9371_firmwarequalcomm:wcd9375_firmwarequalcomm:wcd9380_firmwarequalcomm:wcd9385_firmwarequalcomm:wcd9390_firmwarequalcomm:wcd9395_firmwarequalcomm:wcn3610_firmwarequalcomm:wcn3615_firmwarequalcomm:wcn3660b_firmwarequalcomm:wcn3910_firmwarequalcomm:wcn3950_firmwarequalcomm:wcn3980_firmwarequalcomm:wcn3988_firmwarequalcomm:wcn3990_firmwarequalcomm:wcn3999_firmwarequalcomm:wcn6740_firmwarequalcomm:wcn6755_firmwarequalcomm:wcn7880_firmwarequalcomm:wsa8810_firmwarequalcomm:wsa8815_firmwarequalcomm:wsa8830_firmwarequalcomm:wsa8832_firmwarequalcomm:wsa8835_firmwarequalcomm:wsa8840_firmwarequalcomm:wsa8845_firmwarequalcomm:wsa8845h_firmwareCVE-2024-8278
SeverityHIGHA privilege escalation vulnerability was discovered in XCC that could allow a valid, authenticated XCC user with elevated privileges to perform command injection via specially crafted IPMI commands.
CVE-2024-4885
SeverityCRITICALIn WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold. The WhatsUp.ExportUtilities.Export.GetFileWithoutZip allows execution of commands with iisapppool\nmconsole privileges.
progress:whatsup_goldCVE-2024-29874
SeverityCRITICALSQL injection vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/default/reports/activeuserrptpdf, 'sort_name' parameter. The exploitation of this vulnerability could allow a remote user to send a specially crafted query to the server and extract all the data from it.
CVE-2024-6053
SeverityMEDIUMImproper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting.
CVE-2024-8635
SeverityMEDIUMA server-side request forgery issue has been discovered in GitLab EE affecting all versions starting from 16.8 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. It was possible for an attacker to make requests to internal resources using a custom Maven Dependency Proxy URL
gitlab:gitlabCVE-2024-8641
SeverityMEDIUMAn issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. It may have been possible for an attacker with a victim's CI_JOB_TOKEN to obtain a GitLab session token belonging to the victim.
CVE-2024-8311
SeverityMEDIUMAn issue was discovered with pipeline execution policies in GitLab EE affecting all versions from 17.2 prior to 17.2.5, 17.3 prior to 17.3.2 which allows authenticated users to bypass variable overwrite protection via inclusion of a CI/CD template.
CVE-2024-4660
SeverityHIGHAn issue has been discovered in GitLab EE affecting all versions starting from 11.2 before 17.1.7, all versions starting from 17.2 before 17.2.5, all versions starting from 17.3 before 17.3.2. It was possible for a guest to read the source code of a private project by using group templates.
gitlab:gitlabCVE-2024-4283
SeverityMEDIUMAn issue has been discovered in GitLab EE affecting all versions starting from 11.1 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. Under certain conditions an open redirect vulnerability could allow for an account takeover by breaking the OAuth flow.
CVE-2024-4612
SeverityMEDIUMAn issue has been discovered in GitLab EE affecting all versions starting from 12.9 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. Under certain conditions an open redirect vulnerability could allow for an account takeover by breaking the OAuth flow.
gitlab:gitlabCVE-2024-8631
SeverityHIGHA privilege escalation issue has been discovered in GitLab EE affecting all versions starting from 16.6 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. A user assigned the Admin Group Member custom role could have escalated their privileges to include other custom roles.
gitlab:gitlabCVE-2024-2763
SeverityHIGHA vulnerability, which was classified as critical, has been found in Tenda AC10U 15.03.06.48. Affected by this issue is the function formSetCfm of the file goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257600. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.