Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-10-11 CVE-2024-47509 An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS). When specific SNMP GET operations or specific low-privileged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and causing FPCs to hang.
network
low complexity
CWE-770
6.5
2024-10-11 CVE-2024-4089 Uncontrolled Search Path Element vulnerability in Lenovo Superfile
A DLL hijack vulnerability was reported in Lenovo Super File that could allow a local attacker to execute code with elevated privileges.
local
low complexity
lenovo CWE-427
7.8
2024-10-11 CVE-2024-4130 Uncontrolled Search Path Element vulnerability in Lenovo APP Store
A DLL hijack vulnerability was reported in Lenovo App Store that could allow a local attacker to execute code with elevated privileges.
local
low complexity
lenovo CWE-427
7.8
2024-10-11 CVE-2024-4131 Uncontrolled Search Path Element vulnerability in Lenovo Emulator
A DLL hijack vulnerability was reported in Lenovo Emulator that could allow a local attacker to execute code with elevated privileges.
local
low complexity
lenovo CWE-427
7.8
2024-10-11 CVE-2024-4132 Uncontrolled Search Path Element vulnerability in Lenovo Lock Screen
A DLL hijack vulnerability was reported in Lenovo Lock Screen that could allow a local attacker to execute code with elevated privileges.
local
low complexity
lenovo CWE-427
7.8
2024-10-11 CVE-2024-5474 Incorrect Default Permissions vulnerability in Lenovo Dolby Vision Provisioning
A potential information disclosure vulnerability was reported in Lenovo's packaging of Dolby Vision Provisioning software prior to version 2.0.0.2 that could allow a local attacker to read files on the system with elevated privileges during installation of the package.
local
low complexity
lenovo CWE-276
5.5
2024-10-11 CVE-2024-6985 Relative Path Traversal vulnerability in Lollms
A path traversal vulnerability exists in the api open_personality_folder endpoint of parisneo/lollms-webui.
local
low complexity
lollms CWE-23
4.4
2024-10-11 CVE-2024-8376 Improper Handling of Exceptional Conditions vulnerability in Eclipse Mosquitto
In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation fault or heap-use-after-free by sending specific sequences of "CONNECT", "DISCONNECT", "SUBSCRIBE", "UNSUBSCRIBE" and "PUBLISH" packets.
network
low complexity
eclipse CWE-755
7.5
2024-10-11 CVE-2024-9046 Uncontrolled Search Path Element vulnerability in Lenovo Starstudio
A DLL hijack vulnerability was reported in Lenovo stARstudio that could allow a local attacker to execute code with elevated privileges.
local
low complexity
lenovo CWE-427
7.8
2024-10-11 CVE-2024-25622 Always-Incorrect Control Flow Implementation vulnerability in Dena H2O
h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3.
network
low complexity
dena CWE-670
4.3