Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-12 | CVE-2024-45182 | Out-of-bounds Read vulnerability in Wibu Wibukey An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70 An improper bounds check allows specially crafted packets to cause an arbitrary address read, resulting in Denial of Service. | 5.5 |
| 2024-09-12 | CVE-2024-45303 | Cross-site Scripting vulnerability in Discourse Calendar 0.2 Discourse Calendar plugin adds the ability to create a dynamic calendar in the first post of a topic to Discourse. | 6.1 |
| 2024-09-12 | CVE-2024-45383 | Unspecified vulnerability in Microsoft High Definition Audio BUS Driver 10.0.19041.3636 A mishandling of IRP requests vulnerability exists in the HDAudBus_DMA interface of Microsoft High Definition Audio Bus Driver 10.0.19041.3636 (WinBuild.160101.0800). | 5.0 |
| 2024-09-12 | CVE-2024-4472 | Information Exposure Through Log Files vulnerability in Gitlab An issue was discovered in GitLab CE/EE affecting all versions starting from 16.5 prior to 17.1.7, starting from 17.2 prior to 17.2.5, and starting from 17.3 prior to 17.3.2, where dependency proxy credentials are retained in graphql Logs. | 5.5 |
| 2024-09-12 | CVE-2024-6678 | Authentication Bypass by Spoofing vulnerability in Gitlab An issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7, starting from 17.2 prior to 17.2.5, and starting from 17.3 prior to 17.3.2, which allows an attacker to trigger a pipeline as an arbitrary user under certain circumstances. | 8.8 |
| 2024-09-12 | CVE-2024-8311 | Unspecified vulnerability in Gitlab An issue was discovered with pipeline execution policies in GitLab EE affecting all versions from 17.2 prior to 17.2.5, 17.3 prior to 17.3.2 which allows authenticated users to bypass variable overwrite protection via inclusion of a CI/CD template. | 6.5 |
| 2024-09-12 | CVE-2024-8641 | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. | 8.8 |
| 2024-09-12 | CVE-2020-24061 | Cross-site Scripting vulnerability in Kasdanet Kw5515 Firmware 4.3.1.0 Cross Site Scripting (XSS) Vulnerability in Firewall menu in Control Panel in KASDA KW5515 version 4.3.1.0, allows attackers to execute arbitrary code and steal cookies via a crafted script | 4.3 |
| 2024-09-12 | CVE-2024-41629 | Cleartext Storage of Sensitive Information vulnerability in TI Fusion Digital Power Designer 7.10.1 An issue in Texas Instruments Fusion Digital Power Designer v.7.10.1 allows a local attacker to obtain sensitive information via the plaintext storage of credentials | 5.5 |
| 2024-09-12 | CVE-2024-8695 | Unspecified vulnerability in Docker Desktop A remote code execution (RCE) vulnerability via crafted extension description/changelog could be abused by a malicious extension in Docker Desktop before 4.34.2. | 9.8 |