CVE-2024-37027

Improper Input validation in some IntelR VTuneTM Profiler software before version 2024.2.0 may allow an authenticated user to potentially enable denial of service via local access...

PT-2024-27250 · Intel · Intel Vtune Profiler

Name of the Vulnerable Software and Affected Versions: IntelR VTuneTM Profiler versions prior to 2024.2.0 Description: The issue is related to improper input validation, which may allow an authenticated user to potentially enable denial of service via local access. Recommendations: For versions...

CVE-2024-3995 Command Injection in Helix ALM

In Helix ALM versions prior to 2024.2.0, a local command injection was identified. Reported by Bryan Riggins...

CVE-2024-3995 Command Injection in Helix ALM

In Helix ALM versions prior to 2024.2.0, a local command injection was identified. Reported by Bryan Riggins...

PT-2024-21634 · Esphome · Esphome

Name of the Vulnerable Software and Affected Versions: ESPHome versions 2023.12.9 through 2024.2.0 Description: A security misconfiguration in the edit configuration file API in the dashboard component of ESPHome allows authenticated remote attackers to read and write arbitrary files under the...

Design/Logic Flaw

Misskey is an open source, decentralized social media platform with ActivityPub support. Prior to version 2024.2.0, when fetching remote Activity Streams objects, Misskey doesn't check that the response from the remote server has a Content-Type header value of the Activity Streams media type, whi...

Misskey Code Issues Vulnerabilities

Misskey is a suite of micro-blogging platforms. A code issue vulnerability exists in Misskey versions prior to 2024.2.0. An attacker exploited the vulnerability to impersonate and take over an account on a remote server...