
CVE-2024-41265
https://notcve.org/view.php?id=CVE-2024-41265
01 Aug 2024 — A TLS certificate verification issue discovered in cortex v0.42.1 allows attackers to obtain sensitive information via the makeOperatorRequest function. • https://gist.github.com/nyxfqq/1a8237f3f9cf793c6433f08b17d1593c • CWE-599: Missing Validation of OpenSSL Certificate •

CVE-2024-5187 – Arbitrary File Overwrite in download_model_with_test_data in onnx/onnx
https://notcve.org/view.php?id=CVE-2024-5187
06 Jun 2024 — A vulnerability in the `download_model_with_test_data` function of the onnx/onnx framework, version 1.16.0, allows for arbitrary file overwrite due to inadequate prevention of path traversal attacks in malicious tar files. This vulnerability enables attackers to overwrite any file on the system, potentially leading to remote code execution, deletion of system, personal, or application files, thus impacting the integrity and availability of the system. The issue arises from the function's handling of tar fil... • https://huntr.com/bounties/50235ebd-3410-4ada-b064-1a648e11237e • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVE-2024-31584
https://notcve.org/view.php?id=CVE-2024-31584
19 Apr 2024 — PyTorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbuffer_loader.cpp. • https://github.com/pytorch/pytorch/blob/v2.1.2/torch/csrc/jit/mobile/flatbuffer_loader.cpp#L305 • CWE-125: Out-of-bounds Read •

CVE-2024-31583
https://notcve.org/view.php?id=CVE-2024-31583
17 Apr 2024 — PyTorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in torch/csrc/jit/mobile/interpreter.cpp. • https://gist.github.com/1047524396/43e19a41f2b36503a4a228c32cdbc176 • CWE-416: Use After Free •

CVE-2024-21418 – Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-21418
12 Mar 2024 — Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21418 • CWE-284: Improper Access Control •

CVE-2024-20023
https://notcve.org/view.php?id=CVE-2024-20023
04 Mar 2024 — In flashc, there is a possible out of bounds write due to lack of validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID: ALPS08541638. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-787: Out-of-bounds Write •

CVE-2024-20022
https://notcve.org/view.php?id=CVE-2024-20022
04 Mar 2024 — In lk, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08528255; Issue ID: ALPS08528255. • https://corp.mediatek.com/product-security-bulletin/March-2024 • CWE-125: Out-of-bounds Read •

CVE-2024-21626 – runc container breakout through process.cwd trickery and leaked fds
https://notcve.org/view.php?id=CVE-2024-21626
31 Jan 2024 — runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process (from runc exec) to have a working directory in the host filesystem namespace, allowing for a container escape by giving access to the host filesystem ("attack 2"). The same attack could be used by a malicious image to allow a container process to gain access to the host filesystem th... • https://packetstorm.news/files/id/176993 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-403: Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak') CWE-668: Exposure of Resource to Wrong Sphere •

CVE-2024-23656 – Dex 2.37.0 is discarding TLSconfig and always serves deprecated TLS 1.0/1.1 and insecure ciphers
https://notcve.org/view.php?id=CVE-2024-23656
25 Jan 2024 — Dex is an identity service that uses OpenID Connect to drive authentication for other apps. Dex 2.37.0 serves HTTPS with insecure TLS 1.0 and TLS 1.1. `cmd/dex/serve.go` line 425 seemingly sets TLS 1.2 as minimum version, but the whole `tlsConfig` is ignored after `TLS cert reloader` was introduced in v2.37.0. Configured cipher suites are not respected either. This issue is fixed in Dex 2.38.0. • https://github.com/dexidp/dex/blob/70d7a2c7c1bb2646b1a540e49616cbc39622fb83/cmd/dex/serve.go#L425 • CWE-326: Inadequate Encryption Strength CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') •

CVE-2024-22424 – Cross-Site Request Forgery (CSRF) in github.com/argoproj/argo-cd
https://notcve.org/view.php?id=CVE-2024-22424
19 Jan 2024 — Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The Argo CD API prior to versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15 is vulnerable to a cross-site request forgery (CSRF) attack when the attacker has the ability to write HTML to a page on the same parent domain as Argo CD. A CSRF attack works by tricking an authenticated Argo CD user into loading a web page which contains code to call Argo CD API endpoints on the victim’s behalf. For example, an attacker could send an Argo CD use... • https://github.com/argoproj/argo-cd/issues/2496 • CWE-352: Cross-Site Request Forgery (CSRF) •