2011
|
9.8 |
CRITICAL
Network
ergophone yealink
|
tiptel_ip_286_firmware sip-t28p_firmware
|
Directory Traversal in the web interface of the Tiptel IP 286 with firmware version 2.61.13.10 allows attackers to overwrite arbitrary files on the phone via the Ringtone upload function.
|
CWE-22
Path Traversal
|
CVE-2024-33109
|
2024-09-25 23:47 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2012
|
9.8 |
CRITICAL
Network
closed-loop
|
cless_server
|
An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology CLESS Server v4.5.2 allows attackers to execute arbitrary code via uploading a crafted PHP file to the u…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-40125
|
2024-09-25 23:46 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2013
|
8.8 |
HIGH
Network
|
awplife
|
album_gallery
|
Missing Authorization vulnerability in A WP Life Album Gallery – WordPress Gallery.This issue affects Album Gallery – WordPress Gallery: from n/a through 1.5.7.
|
CWE-862
Missing Authorization
|
CVE-2024-35720
|
2024-09-25 23:46 |
2024-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2014
|
8.8 |
HIGH
Network
|
awplife
|
media_slider
|
Missing Authorization vulnerability in A WP Life Media Slider – Photo Sleder, Video Slider, Link Slider, Carousal Slideshow.This issue affects Media Slider – Photo Sleder, Video Slider, Link Slider, …
|
CWE-862
Missing Authorization
|
CVE-2024-35717
|
2024-09-25 23:46 |
2024-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2015
|
4.4 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: fix double free err_addr pointer warnings
In amdgpu_umc_bad_page_polling_timeout, the amdgpu_umc_handle_bad_pages
wil…
|
CWE-415
Double Free
|
CVE-2024-42123
|
2024-09-25 23:45 |
2024-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2016
|
4.4 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mm: avoid overflows in dirty throttling logic
The dirty throttling logic is interspersed with assumptions that dirty
limits in PA…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-42131
|
2024-09-25 23:45 |
2024-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2017
|
4.4 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values
syzbot is able to trigger softlockups, setting NL80211_ATTR_TXQ_QUANTUM
…
|
CWE-667
Improper Locking
|
CVE-2024-42114
|
2024-09-25 23:44 |
2024-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2018
|
7.8 |
HIGH
Local
|
parallels
|
parallels_desktop
|
Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability. This vulnerability allows local attackers to downgrade Parallels software on affected installations of Paralle…
|
NVD-CWE-Other
|
CVE-2024-6153
|
2024-09-25 23:44 |
2024-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2019
|
8.8 |
HIGH
Network
|
yoginetwork
|
rabbitloader
|
Missing Authorization vulnerability in RabbitLoader.This issue affects RabbitLoader: from n/a through 2.19.13.
|
CWE-862
Missing Authorization
|
CVE-2024-21751
|
2024-09-25 23:44 |
2024-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2020
|
6.5 |
MEDIUM
Network
|
reputeinfosystems
|
arforms
|
Missing Authorization vulnerability in reputeinfosystems ARForms.This issue affects ARForms: from n/a through 6.4.
|
CWE-862
Missing Authorization
|
CVE-2024-32704
|
2024-09-25 23:42 |
2024-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|