Security Vulnerabilities - CVEs Published In July 2024
A vulnerability in Samsung Exynos Modem 5300 allows a Man-in-the-Middle (MITM) attacker to downgrade the security mode of packets going to the victim, enabling the attacker to send messages to the victim in plaintext.
CVSS Score
5.3
EPSS Score
0.006
Published
2024-07-09
Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing set_client_qos, control over the gp register can be obtained.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-07-09
Mommy Heather Advanced Backups up to v3.5.3 allows attackers to write arbitrary files via restoring a crafted back up.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-07-09
Directory Travel in PHPVibe v11.0.46 due to incomplete blacklist checksums and directory checks, which can lead to code execution via writing specific statements to .htaccess and code to a file with a .png suffix.
CVSS Score
9.8
EPSS Score
0.007
Published
2024-07-09
In Docker Desktop on Windows before v4.31.0 allows a user in the docker-users group to cause a Windows Denial-of-Service through the exec-path Docker daemon config option in Windows containers mode.
CVSS Score
6.1
EPSS Score
0.0
Published
2024-07-09
A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, leading to a denial of service.
CVSS Score
6.5
EPSS Score
0.006
Published
2024-07-09
Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
CVSS Score
6.5
EPSS Score
0.004
Published
2024-07-09
Windows Fax Service Remote Code Execution Vulnerability
CVSS Score
8.8
EPSS Score
0.047
Published
2024-07-09
Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
CVSS Score
6.5
EPSS Score
0.004
Published
2024-07-09
CVE-2024-38112
Windows MSHTML Platform Spoofing Vulnerability
Known exploited
CVSS Score
7.5
EPSS Score
0.923
Published
2024-07-09