2391
|
- |
|
-
|
-
|
TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function SetPortForwardRules
|
-
|
CVE-2024-35400
|
2024-11-8 06:35 |
2024-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2392
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
ALSA: usb-audio: Stop parsing channels bits when all channels are found.
If a usb audio device sets more bits than the amount of …
|
-
|
CVE-2024-27436
|
2024-11-8 06:35 |
2024-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2393
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
mt76: fix potential DMA mapping leak
With buf uninitialized in mt76_dma_tx_queue_skb_raw, its field skip_unmap
could potentially …
|
-
|
CVE-2021-47064
|
2024-11-8 06:35 |
2024-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2394
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
tracing/probes: Fix MAX_TRACE_ARGS limit handling
When creating a trace_probe we would set nr_args prior to truncating the
argume…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50132
|
2024-11-8 06:32 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2395
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
LoongArch: Don't crash in stack_top() for tasks without vDSO
Not all tasks have a vDSO mapped, for example kthreads never do. If …
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50133
|
2024-11-8 06:17 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2396
|
4.8 |
MEDIUM
Network
|
kevonadonis
|
wp_abstracts
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kevon Adonis WP Abstracts allows Stored XSS.This issue affects WP Abstracts: from n/a thro…
|
CWE-79
Cross-site Scripting
|
CVE-2024-50411
|
2024-11-8 06:09 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2397
|
6.1 |
MEDIUM
Network
|
rafasashi
|
todo_custom_field
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Rafasashi Todo Custom Field allows Reflected XSS.This issue affects Todo Custom Field: fro…
|
CWE-79
Cross-site Scripting
|
CVE-2024-49642
|
2024-11-8 05:59 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2398
|
5.4 |
MEDIUM
Network
|
basticom
|
framework
|
The Basticom Framework plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.5.0 due to insufficient input sanitization and ou…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9443
|
2024-11-8 05:56 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2399
|
6.5 |
MEDIUM
Network
|
liferay
|
liferay_portal digital_experience_platform
|
The Document and Media widget In Liferay Portal 7.2.0 through 7.3.6, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 13, and older unsupported versions,…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-25143
|
2024-11-8 05:55 |
2024-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2400
|
5.9 |
MEDIUM
Network
|
wolfssl
|
wolfssl
|
wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Attack, new variation of a timing Bleichenbacher style attack, when built with the following options to configure:
--enable-all CFL…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2023-6935
|
2024-11-8 05:41 |
2024-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|