CVE-2024-47904

CVE-2024-47904 affects Siemens InterMesh Subscriber devices: InterMesh 7177 Hybrid 2.0 Subscriber (all versions < V8.2.12) and InterMesh 7707 Fire Subscriber (all versions

CVE-2024-47904

A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber All versions V8.2.12, InterMesh 7707 Fire Subscriber All versions V7.2.12 only if the IP interface is enabled which is not the default configuration. The affected devices contain a SUID binary that could allow an...

Siemens InterMesh 7177和Siemens InterMesh 7707 安全漏洞

InterMesh is a wireless alarm reporting system that uses mesh wireless network technology to transmit alarm signals. An incorrect privilege assignment vulnerability exists in Siemens InterMesh Subscriber Devices, which is due to an affected device containing a SUID binary file that can be exploit...

PT-2024-32880 · Intermesh · Intermesh 7177 Hybrid 2.0 Subscriber +1

Name of the Vulnerable Software and Affected Versions: InterMesh 7177 Hybrid 2.0 Subscriber versions prior to 8.2.12 InterMesh 7707 Fire Subscriber versions prior to 7.2.12 Description: A vulnerability has been identified that could allow an authenticated local attacker to execute arbitrary...

Ubuntu: Security Advisory (USN-7062-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-49006 tracing: Free buffers when a used dynamic event is removed

In the Linux kernel, the following vulnerability has been resolved: tracing: Free buffers when a used dynamic event is removed After 65536 dynamic events have been added and removed, the "type" field of the event then uses the first type number that is available not currently used by other events...

CVE-2022-48994 ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure...

USN-7062-2 libgsf vulnerabilities

USN-7062-1 fixed vulnerabilities in libgsf. This update provides the corresponding updates for Ubuntu 24.10. Original advisory details: It was discovered that libgsf incorrectly handled certain Compound Document Binary files. If a user or automated system were tricked into opening a specially...

USN-7062-2: libgsf vulnerabilities

USN-7062-1 fixed vulnerabilities in libgsf. This update provides the corresponding updates for Ubuntu 24.10. Original advisory details: It was discovered that libgsf incorrectly handled certain Compound Document Binary files. If a user or automated system were tricked into opening a specially...

Adobe Illustrator < 24.0 Multiple Vulnerabilities (APSB19-36)

The version of Adobe Illustrator installed on the remote Windows host is prior to 24.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB19-36 advisory. - Adobe Illustrator CC versions 23.1 and earlier have a memory corruption vulnerability. Successful exploitation...

Adobe Illustrator < 24.0 Multiple Vulnerabilities (APSB19-36) (macOS)

The version of Adobe Illustrator installed on the remote macOS host is prior to 24.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB19-36 advisory. - Adobe Illustrator CC versions 23.1 and earlier have a memory corruption vulnerability. Successful exploitation...

Grafana Command Injection And Local File Inclusion Via Sql Expressions

The SQL Expressions experimental feature of Grafana allows for the evaluation of duckdb queries containing user input. These queries are insufficiently sanitized before being passed to duckdb, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or highe...

CVE-2024-9264

The SQL Expressions experimental feature of Grafana allows for the evaluation of duckdb queries containing user input. These queries are insufficiently sanitized before being passed to duckdb, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or highe...

Autodesk Revit Installed (Windows)

Binary data autodeskrevitwininstalled.nbin...

Palo Alto Networks Expedition Multiple Vulnerabilities (CVE-2024-9463)

Binary data paloaltoexpeditionCVE-2024-9463.nbin...

CVE-2024-10100

A path traversal vulnerability exists in binary-husky/gptacademic version 3.83. The vulnerability is due to improper handling of the file parameter, which is open to path traversal through URL encoding. This allows attackers to view any file on the host system, including sensitive files such as...

CVE-2024-10100

A path traversal vulnerability exists in binary-husky/gptacademic version 3.83. The vulnerability is due to improper handling of the file parameter, which is open to path traversal through URL encoding. This allows attackers to view any file on the host system, including sensitive files such as...

CVE-2024-10101

A stored cross-site scripting XSS vulnerability exists in binary-husky/gptacademic version 3.83. The vulnerability occurs at the /file endpoint, which renders HTML files. Malicious HTML files containing XSS payloads can be uploaded and stored in the backend, leading to the execution of the payloa...

CVE-2024-10101 Stored XSS in binary-husky/gpt_academic

A stored cross-site scripting XSS vulnerability exists in binary-husky/gptacademic version 3.83. The vulnerability occurs at the /file endpoint, which renders HTML files. Malicious HTML files containing XSS payloads can be uploaded and stored in the backend, leading to the execution of the payloa...

CVE-2024-10101 Stored XSS in binary-husky/gpt_academic

A stored cross-site scripting XSS vulnerability exists in binary-husky/gptacademic version 3.83. The vulnerability occurs at the /file endpoint, which renders HTML files. Malicious HTML files containing XSS payloads can be uploaded and stored in the backend, leading to the execution of the payloa...