Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-5953 | 2024-09-11 | N/A | 5.7 MEDIUM | ||
| A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password. | |||||
| CVE-2024-27375 | 1 Samsung | 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 7 more | 2024-08-21 | N/A | 7.8 HIGH |
| An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_followup_get_nl_params(), there is no input validation check on hal_req->sdea_service_specific_info_len coming from userspace, which can lead to a heap overwrite. | |||||
| CVE-2024-27371 | 1 Samsung | 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 7 more | 2024-08-21 | N/A | 7.8 HIGH |
| An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_followup_get_nl_params(), there is no input validation check on hal_req->service_specific_info_len coming from userspace, which can lead to a heap overwrite. | |||||
| CVE-2024-31136 | 2024-03-28 | N/A | 7.4 HIGH | ||
| In JetBrains TeamCity before 2024.03 2FA could be bypassed by providing a special URL parameter | |||||
| CVE-2024-31140 | 2024-03-28 | N/A | 4.1 MEDIUM | ||
| In JetBrains TeamCity before 2024.03 server administrators could remove arbitrary files from the server by installing tools | |||||
| CVE-2024-25951 | 2024-03-11 | N/A | 8.0 HIGH | ||
| A command injection vulnerability exists in local RACADM. A malicious authenticated user could gain control of the underlying operating system. | |||||
| CVE-2022-39353 | 2 Debian, Xmldom Project | 2 Debian Linux, Xmldom | 2024-02-28 | N/A | 9.8 CRITICAL |
| xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. xmldom parses XML that is not well-formed because it contains multiple top level elements, and adds all root nodes to the `childNodes` collection of the `Document`, without reporting any error or throwing. This breaks the assumption that there is only a single root node in the tree, which led to issuance of CVE-2022-39299 as it is a potential issue for dependents. Update to @xmldom/xmldom@~0.7.7, @xmldom/xmldom@~0.8.4 (dist-tag latest) or @xmldom/xmldom@>=0.9.0-beta.4 (dist-tag next). As a workaround, please one of the following approaches depending on your use case: instead of searching for elements in the whole DOM, only search in the `documentElement`or reject a document with a document that has more then 1 `childNode`. | |||||