| # | CVSS | Severity | Attack vector | Vendor | Product | Description | CWE | CVE | Last updated | Published |
|---|---|---|---|---|---|---|---|---|---|---|
| 501 | 5.4 | MEDIUM | Network | clibomanager | clibo_manager | Vulnerability in Clibo Manager v1.1.9.1 that could allow an attacker to execute a stored Cross-Site Scripting (stored XSS) by uploading a malicious .svg image in the section: Profile > Profile pict… | CWE-79 (Cross-site Scripting) | CVE-2024-9198 | 2024-10-2 23:33 | 2024-09-26 |
| 502 | 4.8 | MEDIUM | Network | radiustheme | the_post_grid | The Post Grid WordPress plugin before 7.5.0 does not sanitise and escape some of its Grid settings, which could allow high privilege users such as Editor and above to perform Stored Cross-Site Scrip… | CWE-79 (Cross-site Scripting) | CVE-2024-3635 | 2024-10-2 23:30 | 2024-09-30 |
| 503 | 5.5 | MEDIUM | Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: iommufd: Require drivers to supply the cache_invalidate_user ops If drivers don't do this then iommufd will oops invalidation ioc… | CWE-476 (NULL Pointer Dereference) | CVE-2024-46824 | 2024-10-2 23:29 | 2024-09-27 |
| 504 | 8.1 | HIGH | Network | acquia | mautic | Prior to the patched version, logged in users of Mautic are vulnerable to Relative Path Traversal/Arbitrary File Deletion. Regardless of the level of access the Mautic user had, they could delete fil… | CWE-22 (Path Traversal) | CVE-2021-27916 | 2024-10-2 23:29 | 2024-09-18 |
| 505 | 5.5 | MEDIUM | Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: rtmutex: Drop rt_mutex::wait_lock before scheduling rt_mutex_handle_deadlock() is called with rt_mutex::wait_lock held. In the g… | CWE-667 (Improper Locking) | CVE-2024-46829 | 2024-10-2 23:27 | 2024-09-27 |
| 506 | 7.8 | HIGH | Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: net: microchip: vcap: Fix use-after-free error in kunit test This is a clear use-after-free error. We remove it, and rely on chec… | CWE-416 (Use After Free) | CVE-2024-46831 | 2024-10-2 23:26 | 2024-09-27 |
| 507 | 5.5 | MEDIUM | Local | gpac, debian | gpac, debian_linux | NULL Pointer Dereference in GitHub repository gpac/gpac prior to 1.1.0. | CWE-476 (NULL Pointer Dereference) | CVE-2021-4043 | 2024-10-2 23:26 | 2022-02-5 |
| 508 | 8.8 | HIGH | Local | oracle | solaris | Vulnerability in the Oracle Solaris product of Oracle Systems (component: XScreenSaver). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker … | NVD-CWE-noinfo | CVE-2019-3010 | 2024-10-2 23:26 | 2019-10-17 |
| 509 | 5.5 | MEDIUM | Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix smatch static checker warning adev->gfx.imu.funcs could be NULL | CWE-476 (NULL Pointer Dereference) | CVE-2024-46835 | 2024-10-2 23:24 | 2024-09-27 |
| 510 | 5.5 | MEDIUM | Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry In a review discussion of the changes to support vCPU hotplug… | CWE-476 (NULL Pointer Dereference) | CVE-2024-46822 | 2024-10-2 23:24 | 2024-09-27 |