6.5
CVE-2024-38359 - Lightning Network Daemon Onion Bomb
The Lightning Network Daemon (lnd) - is a complete implementation of a Lightning Network node. A parsing vulnerability in lnd's onion processing logic and lead to a DoS vector due to excessive memory allocation. The issue was patched in lnd v0.17.0. Users should update to a version > v0.17.0 to beβ¦
9.1
CVE-2024-37899 - Disabling a user account changes its author, allowing RCE from user account in XWiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When an admin disables a user account, the user's profile is executed with the admin's rights. This allows a user to place malicious code in the user profile before getting an admin to disable tβ¦
8.7
CVE-2024-32943 - Westermo L210-F2G Lynx Improper Control of Interaction Frequency
An attacker may be able to cause a denial-of-service condition by sending many SSH packets repeatedly.
8.7
CVE-2024-35246 - Westermo L210-F2G Lynx Improper Control of Interaction Frequency
An attacker may be able to cause a denial-of-service condition by sending many packets repeatedly.
6.9
CVE-2024-37183 - Westermo L210-F2G Lynx Cleartext Transmission of Sensitive Information
Plain text credentials and session ID can be captured with a network sniffer.
7.6
CVE-2024-5746 -
A Server-Side Request Forgery vulnerability was identified in GitHub Enterprise Server that allowed an attacker with the Site Administrator role to gain arbitrary code execution capability on the GitHub Enterprise Server instance. Exploitation required authenticated access to GitHub Enterprise Servβ¦
6.7
CVE-2024-6154 - Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability
Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guβ¦
7.8
CVE-2024-6153 - Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability
Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability. This vulnerability allows local attackers to downgrade Parallels software on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target hβ¦
7.8
CVE-2024-6147 - Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability
Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Poly Plantronics Hub. An attacker must first obtain the ability to execute low-privileged code on the target system in order toβ¦
4.7
CVE-2024-38082 - Microsoft Edge (Chromium-based) Spoofing Vulnerability
Microsoft Edge (Chromium-based) Spoofing Vulnerability