7.5
CVE-2024-53857 - rPGP Potential Resource Exhaustion when handling Untrusted Messages
rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows attackers to trigger resource exhaustion vulnerabilities in rpgp by providing crafted messages. This affects general message parsing and decryption with symmetric keys.
4.6
CVE-2024-12247 - Improper propagation of permission scheme updates across cluster nodes
Mattermost versions 9.7.x <= 9.7.5, 9.8.x <= 9.8.2 and 9.9.x <= 9.9.2 fail to properly propagate permission scheme updates across cluster nodes which allows a user to keep old permissions, even if the permission scheme has been updated.
5.5
CVE-2024-54001 - Kanboard allows a persistent HTML injection site scripting in settings page date format
Kanboard is project management software that focuses on the Kanban methodology. HTML can be injected and stored into the application settings section. The fields application_language, application_date_format,application_timezone and application_time_format allow arbirary user input which is reflectβ¦
9.2
CVE-2024-54129 - Improper Initialization of `imc` Scheme Leading to `SIGABRT` in ION-DTN BPv7
The NASAβs Interplanetary Overlay Network (ION) is an implementation of Delay/Disruption Tolerant Networking (DTN). A vulnerability exists in the version ION-DTN BPv7 implementation version 4.1.3 when receiving a bundle with an improper reference to the imc scheme with valid Service-Specific Part (β¦
9.2
CVE-2024-54130 - Segmentation Fault in `forwardBundle` Function of ION-DTN BPv7 When Destination EID is `dtn:none` (β¦
The NASAβs Interplanetary Overlay Network (ION) is an implementation of Delay/Disruption Tolerant Networking (DTN). A segmentation fault occurs with ION-DTN BPv7 software version 4.1.3 when a bundle with a Destination Endpoint ID (EID) set to dtn:none is received. This causes the node to become unrβ¦
0.0
CVE-2024-12246 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.9
CVE-2024-11942 - Drupal core - Moderately critical - Improper error handling - SA-CORE-2024-002
A vulnerability in Drupal Core allows File Manipulation.This issue affects Drupal Core: from 10.0.0 before 10.2.10.
7.5
CVE-2024-11941 - Drupal core - Moderately critical - Denial of Service - SA-CORE-2024-001
A vulnerability in Drupal Core allows Excessive Allocation.This issue affects Drupal Core: from 10.2.0 before 10.2.2, from 10.1.0 before 10.1.8.
6.9
CVE-2024-12230 - PHPGurukul Complaint Management System subcategory.php sql injection
A vulnerability, which was classified as critical, has been found in PHPGurukul Complaint Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/subcategory.php. The manipulation of the argument category leads to sql injection. The attack may be launched remoβ¦
6.9
CVE-2024-12229 - PHPGurukul Complaint Management System complaint-search.php sql injection
A vulnerability classified as critical was found in PHPGurukul Complaint Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/complaint-search.php. The manipulation of the argument search leads to sql injection. The attack can be launched remotely. Thβ¦