|
311
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Add array index check for hdcp ddc access
[Why]
Coverity reports OVERRUN warning. Do not check if array
index va…
New
|
-
|
CVE-2024-46804
|
2024-09-27 22:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amdkfd: Check debug trap enable before write dbg_ev_file
In interrupt context, write dbg_ev_file will be run by work queue. I…
New
|
-
|
CVE-2024-46803
|
2024-09-27 22:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: added NULL check at start of dc_validate_stream
[Why]
prevent invalid memory access
[How]
check if dc and strea…
New
|
-
|
CVE-2024-46802
|
2024-09-27 22:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314
|
- |
|
-
|
-
|
In Foxit PDF Reader before 2024.3, and PDF Editor before 2024.3 and 13.x before 13.1.4, an attacker can replace an update file with a Trojan horse via side loading, because the update service lacks i…
New
|
-
|
CVE-2024-41605
|
2024-09-27 22:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315
|
8.8 |
HIGH
Network
|
acymailing
|
acymailing
|
The AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the …
Update
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-7384
|
2024-09-27 22:15 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316
|
6.6 |
MEDIUM
Local
|
linux
fedoraproject
redhat
|
linux_kernel
fedora
enterprise_linux
|
A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the `dst` array. On each itera…
Update
|
NVD-CWE-Other
|
CVE-2024-0607
|
2024-09-27 22:15 |
2024-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317
|
8.8 |
HIGH
Network
|
wpmarketingrobot
|
woocommerce_google_feed_manager
|
The WooCommerce Google Feed Manager plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wppfm_removeFeedFile' function in all versions up to, and…
Update
|
CWE-862
Missing Authorization
|
CVE-2024-7258
|
2024-09-27 22:05 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318
|
4.3 |
MEDIUM
Network
|
webba-booking
|
webba_booking
|
The Appointment & Event Booking Calendar Plugin – Webba Booking plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_appearance() func…
Update
|
CWE-862
Missing Authorization
|
CVE-2024-8432
|
2024-09-27 21:58 |
2024-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319
|
6.1 |
MEDIUM
Network
|
fatcatapps
|
pixel_cat
|
The Pixel Cat – Conversion Pixel Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions u…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8544
|
2024-09-27 21:57 |
2024-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
320
|
5.4 |
MEDIUM
Network
|
ggnome
|
garden_gnome_package
|
The Garden Gnome Package plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ggpkg shortcode in all versions up to, and including, 2.2.9 due to insufficient input sanit…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8657
|
2024-09-27 21:56 |
2024-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
