NA - CVE-2024-12993 - Infinix devices contain a pre-loaded...
Infinix devices contain a pre-loaded "com.rlk.weathers" application, that exposes an unsecured content provider. An attacker can communicate with the provider and reveal the user’s location without...
NA - CVE-2024-10044 - A Server-Side Request Forgery (SSRF)...
A Server-Side Request Forgery (SSRF) vulnerability exists in the POST /worker_generate_stream API endpoint of the Controller API Server in lm-sys/fastchat, as of commit...
High - CVE-2024-54181 - IBM WebSphere Automation 1.7.5 could allow a...
IBM WebSphere Automation 1.7.5 could allow a remote privileged user, who has authorized access to the swagger UI, to execute arbitrary code. Using specially crafted input, the user could exploit...
NA - CVE-2024-50701 - TeamPass before 3.1.3.1, when retrieving...
TeamPass before 3.1.3.1, when retrieving information about access rights for a folder, does not properly check whether a folder is in a user's allowed folders list that has been defined by an...