1291
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: added NULL check at start of dc_validate_stream
[Why]
prevent invalid memory access
[How]
check if dc and strea…
|
-
|
CVE-2024-46802
|
2024-09-30 21:45 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1292
|
- |
|
-
|
-
|
An arbitrary file upload vulnerability in YPay 1.2.0 allows attackers to execute arbitrary code via a ZIP archive to themePutFile in app/common/util/Upload.php (called from app/admin/controller/ypay/…
|
-
|
CVE-2024-46441
|
2024-09-30 21:45 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1293
|
- |
|
-
|
-
|
A vulnerability, which was classified as critical, has been found in HuankeMao SCRM up to 0.0.3. Affected by this issue is the function upload_domain_verification_file of the file WxkConfig.php of th…
|
-
|
CVE-2024-9278
|
2024-09-30 21:45 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1294
|
- |
|
-
|
-
|
A vulnerability classified as problematic was found in Langflow up to 1.0.18. Affected by this vulnerability is an unknown functionality of the file \src\backend\base\langflow\interface\utils.py of t…
|
CWE-1333
Inefficient Regular Expression Complexity
|
CVE-2024-9277
|
2024-09-30 21:45 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1295
|
- |
|
-
|
-
|
A vulnerability classified as problematic has been found in TMsoft MyAuth Gateway 3. Affected is an unknown function of the file /index.php. The manipulation of the argument console/nocache/cmd leads…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9276
|
2024-09-30 21:45 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1296
|
- |
|
-
|
-
|
A vulnerability was found in jeanmarc77 123solar up to 1.8.4.5. It has been rated as critical. This issue affects some unknown processing of the file /admin/admin_invt2.php. The manipulation of the a…
|
CWE-73
External Control of File Name or Path
|
CVE-2024-9275
|
2024-09-30 21:45 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1297
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info()
Instead of doing a BUG_ON() handle the error by return…
|
NVD-CWE-Other
|
CVE-2024-46751
|
2024-09-30 21:45 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1298
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
spi: intel: Add check devm_kasprintf() returned value
intel_spi_populate_chip() use devm_kasprintf() to set pdata->name.
This can…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46769
|
2024-09-30 21:44 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1299
|
6.1 |
MEDIUM
Network
|
wp-unit
|
share_this_image
|
The ILLID Share This Image plugin before 1.04 for WordPress has XSS via the sharer.php url parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2017-18015
|
2024-09-30 20:28 |
2018-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1300
|
- |
|
-
|
-
|
A Use of Weak Credentials vulnerability affecting the Wi-Fi network generated by a set of DJI drones could allow a remote attacker to derive the WPA2 PSK key and authenticate without permission to th…
|
CWE-334
Small Space of Random Values
|
CVE-2023-6951
|
2024-09-30 19:15 |
2024-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|