Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2024-10-11 CVE-2024-8376 Improper Handling of Exceptional Conditions vulnerability in Eclipse Mosquitto
In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation fault or heap-use-after-free by sending specific sequences of "CONNECT", "DISCONNECT", "SUBSCRIBE", "UNSUBSCRIBE" and "PUBLISH" packets.
network
low complexity
eclipse CWE-755
7.5
7.5
2024-10-11 CVE-2024-9046 Uncontrolled Search Path Element vulnerability in Lenovo Starstudio
A DLL hijack vulnerability was reported in Lenovo stARstudio that could allow a local attacker to execute code with elevated privileges.
local
low complexity
lenovo CWE-427
7.8
7.8
2024-10-11 CVE-2024-45396 Reachable Assertion vulnerability in Dena Quicly
Quicly is an IETF QUIC protocol implementation.
network
low complexity
dena CWE-617
7.5
7.5
2024-10-11 CVE-2024-45397 Authentication Bypass by Spoofing vulnerability in Dena H2O
h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3.
network
low complexity
dena CWE-290
7.5
7.5
2024-10-11 CVE-2024-45403 Reachable Assertion vulnerability in Dena H2O
h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3.
network
low complexity
dena CWE-617
7.5
7.5
2024-10-11 CVE-2024-8970 Unspecified vulnerability in Gitlab
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.6 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows an attacker to trigger a pipeline as another user under certain circumstances.
network
low complexity
gitlab
8.8
8.8
2024-10-11 CVE-2024-9164 Unspecified vulnerability in Gitlab
An issue was discovered in GitLab EE affecting all versions starting from 12.5 prior to 17.2.9, starting from 17.3, prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows running pipelines on arbitrary branches.
network
low complexity
gitlab
8.8
8.8
2024-10-10 CVE-2024-47867 Unspecified vulnerability in Gradio Project Gradio
Gradio is an open-source Python package designed for quick prototyping.
network
low complexity
gradio-project
7.5
7.5
2024-10-10 CVE-2024-47868 Path Traversal vulnerability in Gradio Project Gradio
Gradio is an open-source Python package designed for quick prototyping.
network
low complexity
gradio-project CWE-22
7.5
7.5
2024-10-10 CVE-2024-47870 Race Condition vulnerability in Gradio Project Gradio
Gradio is an open-source Python package designed for quick prototyping.
network
high complexity
gradio-project CWE-362
8.1
8.1