1241
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info()
Instead of doing a BUG_ON() handle the error by return…
|
NVD-CWE-Other
|
CVE-2024-46751
|
2024-09-30 21:45 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1242
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
spi: intel: Add check devm_kasprintf() returned value
intel_spi_populate_chip() use devm_kasprintf() to set pdata->name.
This can…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46769
|
2024-09-30 21:44 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1243
|
6.1 |
MEDIUM
Network
|
wp-unit
|
share_this_image
|
The ILLID Share This Image plugin before 1.04 for WordPress has XSS via the sharer.php url parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2017-18015
|
2024-09-30 20:28 |
2018-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1244
|
- |
|
-
|
-
|
A Use of Weak Credentials vulnerability affecting the Wi-Fi network generated by a set of DJI drones could allow a remote attacker to derive the WPA2 PSK key and authenticate without permission to th…
|
CWE-334
Small Space of Random Values
|
CVE-2023-6951
|
2024-09-30 19:15 |
2024-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1245
|
- |
|
-
|
-
|
An Improper Input Validation vulnerability affecting the FTP service running on the DJI Mavic Mini 3 Pro could allow an attacker to craft a malicious packet containing a malformed path provided to th…
|
-
|
CVE-2023-6950
|
2024-09-30 19:15 |
2024-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1246
|
- |
|
-
|
-
|
A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone devices on the port 10000 could allow an attacker to trigger an out-of-bound read/write into the process m…
|
CWE-125 CWE-787
Out-of-bounds Read Out-of-bounds Write
|
CVE-2023-51456
|
2024-09-30 19:15 |
2024-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1247
|
- |
|
-
|
-
|
A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone devices on the port 10000 could allow an attacker to cause a crash of the service through a crafted payloa…
|
CWE-787
Out-of-bounds Write
|
CVE-2023-51453
|
2024-09-30 19:15 |
2024-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1248
|
- |
|
-
|
-
|
A Improper Input Validation issue affecting the v2_sdk_service running on a set of DJI drone devices on the port 10000 could allow an attacker to cause a crash of the service through a crafted payloa…
|
CWE-787
Out-of-bounds Write
|
CVE-2023-51452
|
2024-09-30 19:15 |
2024-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1249
|
- |
|
-
|
-
|
A CWE-862 “Missing Authorization” vulnerability in the “measure” functionality of the web application allows a remote unauthenticated attacker to access confidential measure information. This issue a…
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2023-45598
|
2024-09-30 19:15 |
2024-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1250
|
- |
|
-
|
-
|
A CWE-862 “Missing Authorization” vulnerability in the “file_configuration” functionality of the web application allows a remote unauthenticated attacker to access confidential configuration files. T…
|
CWE-425
Direct Request ('Forced Browsing')
|
CVE-2023-45596
|
2024-09-30 19:15 |
2024-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|