CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-36611
https://notcve.org/view.php?id=CVE-2024-36611
In Symfony v7.07, a security vulnerability was identified in the FormLoginAuthenticator component, where it failed to adequately handle cases where the username or password field of a login request is empty. This flaw could lead to various security risks, including improper authentication logic handling or denial of service. In Symfony v7.07, a security vulnerability was identified in the FormLoginAuthenticator component, where it failed to adequately handle cases where the username or password field of a login request is empty. This flaw could lead to various security risks, including improper authentication logic handling or denial of service. • https://gist.github.com/1047524396/3581425e0911b716cf8ce4fa30e41e6c https://github.com/symfony/symfony/blob/v7.0.7/src/Symfony/Component/Security/Http/Authenticator/FormLoginAuthenticator.php#L132 https://github.com/symfony/symfony/commit/a804ca15fcad279d7727b91d12a667fd5b925995 https://github.com/github/advisory-database/pull/5046 https://github.com/symfony/symfony/issues/59077#issuecomment-2513935018 • CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-9852 – Malicious Code Execution Vulnerability in GENESIS64 and MC Works64
https://notcve.org/view.php?id=CVE-2024-9852
This could lead to disclose, tamper with, destroy, or delete information in the affected products, or cause a denial of service (DoS) condition on the products. • https://jvn.jp/vu/JVNVU93891820 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-010_en.pdf • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 0CVE-2024-8300 – Malicious Code Execution Vulnerability in GENESIS64
https://notcve.org/view.php?id=CVE-2024-8300
This could lead to disclose, tamper with, destroy, or delete information in the affected products, or cause a denial of service (DoS) condition on the products. • https://jvn.jp/vu/JVNVU93891820 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-010_en.pdf • CWE-561: Dead Code •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-8299 – Malicious Code Execution Vulnerability in GENESIS64 and MC Works64
https://notcve.org/view.php?id=CVE-2024-8299
This could lead to disclose, tamper with, destroy, or delete information in the affected products, or cause a denial of service (DoS) condition on the products. • https://jvn.jp/vu/JVNVU93891820 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-010_en.pdf • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22038 – DoS attacks, information leaks etc. with crafted Git repositories in obs-scm-bridge
https://notcve.org/view.php?id=CVE-2024-22038
Various problems in obs-scm-bridge allows attackers that create specially crafted git repositories to leak information of cause denial of service. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-22038 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •