CVE-2024-31444
- EPSS 14.66%
- Veröffentlicht 14.05.2024 15:25:20
- Zuletzt bearbeitet 04.11.2025 17:15:50
Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `automation_tree_rules_form_save()` function in `automation_tree_rules.php` is not thoroughly checked and is used to concaten...
CVE-2024-29894
- EPSS 0.9%
- Veröffentlicht 14.05.2024 15:17:14
- Zuletzt bearbeitet 18.12.2024 21:10:38
Cacti provides an operational monitoring and fault management framework. Versions of Cacti prior to 1.2.27 contain a residual cross-site scripting vulnerability caused by an incomplete fix for CVE-2023-50250. `raise_message_javascript` from `lib/func...
CVE-2024-27834
- EPSS 0.6%
- Veröffentlicht 14.05.2024 15:13:06
- Zuletzt bearbeitet 02.04.2026 19:17:27
The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, watchOS 10.5. An attacker with arbitrary read and write capability may be able to ...
CVE-2024-27400
- EPSS 0.24%
- Veröffentlicht 14.05.2024 15:12:29
- Zuletzt bearbeitet 23.12.2025 19:05:59
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 This reverts drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap. The basic problem here is that af...
CVE-2024-27401
- EPSS 0.3%
- Veröffentlicht 14.05.2024 15:12:29
- Zuletzt bearbeitet 22.01.2026 20:39:28
In the Linux kernel, the following vulnerability has been resolved: firewire: nosy: ensure user_length is taken into account when fetching packet contents Ensure that packet_buffer_get respects the user_length provided. If the length of the head pa...
CVE-2024-27398
- EPSS 0.76%
- Veröffentlicht 14.05.2024 15:12:28
- Zuletzt bearbeitet 22.01.2026 20:37:07
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the sco connection is established and then, the sco socket is releasing, timeout_work will be scheduled to judge ...
CVE-2024-27399
- EPSS 0.3%
- Veröffentlicht 14.05.2024 15:12:28
- Zuletzt bearbeitet 22.01.2026 20:37:12
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout There is a race condition between l2cap_chan_timeout() and l2cap_chan_del(). When we use l2cap_chan_del() to delete the c...
CVE-2024-25641
- EPSS 86.3%
- Veröffentlicht 14.05.2024 15:05:50
- Zuletzt bearbeitet 04.11.2025 17:15:46
Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having the "Import Templates" permis...
CVE-2024-4558
- EPSS 1.34%
- Veröffentlicht 07.05.2024 19:15:08
- Zuletzt bearbeitet 04.11.2025 18:16:42
Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-4559
- EPSS 1.03%
- Veröffentlicht 07.05.2024 19:15:08
- Zuletzt bearbeitet 19.12.2024 20:47:26
Heap buffer overflow in WebAudio in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)