Total
646 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-24562 | 2024-08-01 | 5.4 Medium | ||
vantage6-UI is the official user interface for the vantage6 server. In affected versions a number of security headers are not set. This issue has been addressed in commit `68dfa6614` which is expected to be included in future releases. Users are advised to upgrade when a new release is made. While an upgrade path is not available users may modify the docker image build to insert the headers into nginx. | ||||
CVE-2024-22049 | 1 John Nunemaker | 1 Httparty | 2024-08-01 | 5.3 Medium |
httparty before 0.21.0 is vulnerable to an assumed-immutable web parameter vulnerability. A remote and unauthenticated attacker can provide a crafted filename parameter during multipart/form-data uploads which could result in attacker controlled filenames being written. | ||||
CVE-2024-21813 | 2024-08-01 | 7.9 High | ||
Exposure of resource to wrong sphere in some Intel(R) DTT software installers may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
CVE-2024-21597 | 1 Juniper | 1 Junos | 2024-08-01 | 5.3 Medium |
An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric (AF) scenario if routing-instances (RI) are configured, specific valid traffic destined to the device can bypass the configured lo0 firewall filters as it's received in the wrong RI context. This issue affects Juniper Networks Junos OS on MX Series: * All versions earlier than 20.4R3-S9; * 21.2 versions earlier than 21.2R3-S3; * 21.4 versions earlier than 21.4R3-S5; * 22.1 versions earlier than 22.1R3; * 22.2 versions earlier than 22.2R3; * 22.3 versions earlier than 22.3R2. | ||||
CVE-2024-20694 | 1 Microsoft | 17 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 14 more | 2024-08-01 | 5.5 Medium |
Windows CoreMessaging Information Disclosure Vulnerability | ||||
CVE-2024-20692 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2024-08-01 | 5.7 Medium |
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability |