NA - CVE-2024-37885 - The Nextcloud Desktop Client is a tool to...
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. A code injection in Nextcloud Desktop Client for macOS allowed to load arbitrary code when...
NA - CVE-2024-37886 - user_oidc app is an OpenID Connect user backend...
user_oidc app is an OpenID Connect user backend for Nextcloud. An attacker could potentially trick the app into accepting a request that is not signed by the correct server. It is recommended that...
NA - CVE-2024-37887 - Nextcloud Server is a self hosted personal...
Nextcloud Server is a self hosted personal cloud system. Private shared calendar events' recurrence exceptions can be read by sharees. It is recommended that the Nextcloud Server is upgraded...
NA - CVE-2024-5934 - Rejected reason: ** REJECT ** DO NOT USE THIS...
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent...
NA - CVE-2024-37369 - A privilege escalation vulnerability exists in...
A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further...
NA - CVE-2024-5659 - Rockwell Automation was made aware of a...
Rockwell Automation was made aware of a vulnerability that causes all affected controllers on the same network to result in a major nonrecoverable fault(MNRF/Assert). This vulnerability could be...
Critical - CVE-2024-2472 - The LatePoint Plugin plugin for WordPress is...
The LatePoint Plugin plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the...
NA - CVE-2024-34012 - Local privilege escalation due to insecure...
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.24135.272.
Critical - CVE-2024-3912 - Certain models of ASUS routers have an...
Certain models of ASUS routers have an arbitrary firmware upload vulnerability. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands on the device.
NA - CVE-2024-5685 - Users with "User:edit" and "Self:api"...
Users with "User:edit" and "Self:api" permissions can promote or demote themselves or other users by performing changes to the group's memberships via API call.This issue affects snipe-it:...