NA - CVE-2024-39915 - Thruk is a multibackend monitoring webinterface...
Thruk is a multibackend monitoring webinterface for Naemon, Nagios, Icinga and Shinken using the Livestatus API. This authenticated RCE in Thruk allows authorized users with network access to...
NA - CVE-2024-39918 - @jmondi/url-to-png is an open source URL to PNG...
@jmondi/url-to-png is an open source URL to PNG utility featuring parallel rendering using Playwright for screenshots and with storage caching via Local, S3, or CouchDB. Input of the `ImageId` in...
NA - CVE-2024-39919 - @jmondi/url-to-png is an open source URL to PNG...
@jmondi/url-to-png is an open source URL to PNG utility featuring parallel rendering using Playwright for screenshots and with storage caching via Local, S3, or CouchDB. The package includes an...
NA - CVE-2024-40624 - TorrentPier is an open source BitTorrent...
TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In `torrentpier/library/includes/functions.php`, `get_tracks()` uses the unsafe native PHP serialization...
NA - CVE-2024-40627 - Fastapi OPA is an opensource fastapi middleware...
Fastapi OPA is an opensource fastapi middleware which includes auth flow. HTTP `OPTIONS` requests are always allowed by `OpaMiddleware`, even when they lack authentication, and are passed through...
NA - CVE-2024-40630 - OpenImageIO is a toolset for reading, writing,...
OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation via a format-agnostic API with a feature set, scalability, and...
NA - CVE-2024-4224 - An authenticated stored cross-site scripting...
An authenticated stored cross-site scripting (XSS) exists in the TP-Link TL-SG1016DE affecting version TL-SG1016DE(UN) V7.6_1.0.0 Build 20230616, which could allow an adversary to run JavaScript in...
NA - CVE-2024-40632 - Linkerd is an open source, ultralight,...
Linkerd is an open source, ultralight, security-first service mesh for Kubernetes. In affected versions when the application being run by linkerd is susceptible to SSRF, an attacker could...
NA - CVE-2024-4143 - A potential security vulnerability has been...
A potential security vulnerability has been identified in certain HP PC products using AMI BIOS, which might allow arbitrary code execution. AMI has released firmware updates to mitigate this...