Aggregator

A vulnerability classified as problematic was found in mailcow-dockerized. Affected by this vulnerability is an unknown functionality of the component API Log Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-41959. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in kubean-io kubean up to 0.17.x. Affected is an unknown function. The manipulation leads to incorrect permission assignment. This vulnerability is traded as CVE-2024-41820. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in mailcow-dockerized. It has been rated as problematic. This issue affects some unknown processing of the component Two-factor Authentication Handler. The manipulation leads to incorrect comparison. The identification of this vulnerability is CVE-2024-41958. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Icinga ipl-web up to 0.10.0. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2024-41811. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical. This affects the function pnm_decode_frame in the library /libavcodec/pnmdec.c. The manipulation leads to heap-based buffer overflow. This vulnerability is uniquely identified as CVE-2024-7055. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Natnael Samson (@NattiSamson)' was reported to the affected vendor on: 2024-08-06, 63 days ago. The vendor is given until 2024-12-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Natnael Samson (@NattiSamson)' was reported to the affected vendor on: 2024-08-06, 63 days ago. The vendor is given until 2024-12-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Natnael Samson (@NattiSamson)' was reported to the affected vendor on: 2024-08-06, 63 days ago. The vendor is given until 2024-12-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Natnael Samson (@NattiSamson)' was reported to the affected vendor on: 2024-08-06, 63 days ago. The vendor is given until 2024-12-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Andy Niu of Trend Micro Security Research' was reported to the affected vendor on: 2024-08-06, 63 days ago. The vendor is given until 2024-12-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Natnael Samson (@NattiSamson)' was reported to the affected vendor on: 2024-08-06, 63 days ago. The vendor is given until 2024-12-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Andrea Micalizzi aka rgod (@rgod777)' was reported to the affected vendor on: 2024-08-06, 63 days ago. The vendor is given until 2024-12-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Mat Powell of Trend Micro Zero Day Initiative' was reported to the affected vendor on: 2024-08-06, 63 days ago. The vendor is given until 2024-12-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Natnael Samson (@NattiSamson)' was reported to the affected vendor on: 2024-08-06, 63 days ago. The vendor is given until 2024-12-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.1 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H severity vulnerability discovered by 'Abdessamad Lahlali and Smile Thanapattheerakul of Trend Micro' was reported to the affected vendor on: 2024-08-06, 2 days ago. The vendor is given until 2024-12-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'dw0r of ZeroPointer Lab' was reported to the affected vendor on: 2024-08-06, 50 days ago. The vendor is given until 2024-12-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Natnael Samson (@NattiSamson)' was reported to the affected vendor on: 2024-08-06, 63 days ago. The vendor is given until 2024-12-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Natnael Samson (@NattiSamson)' was reported to the affected vendor on: 2024-08-06, 63 days ago. The vendor is given until 2024-12-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.1 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H severity vulnerability discovered by 'Abdessamad Lahlali and Smile Thanapattheerakul of Trend Micro' was reported to the affected vendor on: 2024-08-06, 2 days ago. The vendor is given until 2024-12-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 6.5 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N severity vulnerability discovered by 'Abdessamad Lahlali and Smile Thanapattheerakul of Trend Micro' was reported to the affected vendor on: 2024-08-06, 2 days ago. The vendor is given until 2024-12-04 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.