|
371
|
7.5 |
HIGH
Network
ylefebvre
|
link_library
|
The Link Library WordPress plugin before 7.2.8 does not have authorisation in place when deleting links, allowing unauthenticated users to delete arbitrary links via a crafted request
Update
|
CWE-862
Missing Authorization
|
CVE-2021-25093
|
2024-10-11 01:59 |
2022-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
372
|
6.5 |
MEDIUM
Network
|
ylefebvre
|
link_library
|
The Link Library WordPress plugin before 7.2.8 does not have CSRF check when resetting library settings, allowing attackers to make a logged in admin reset arbitrary settings via a CSRF attack
Update
|
CWE-352
Origin Validation Error
|
CVE-2021-25092
|
2024-10-11 01:59 |
2022-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
373
|
6.1 |
MEDIUM
Network
|
ylefebvre
|
link_library
|
The Link Library WordPress plugin before 7.2.9 does not sanitise and escape the settingscopy parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting
Update
|
CWE-79
Cross-site Scripting
|
CVE-2021-25091
|
2024-10-11 01:59 |
2022-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
374
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bnxt_en: Fix double DMA unmapping for XDP_REDIRECT
Remove the dma_unmap_page_attrs() call in the driver's XDP_REDIRECT
code path.…
Update
|
NVD-CWE-noinfo
|
CVE-2024-44984
|
2024-10-11 01:48 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
375
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: dsa: mv88e6xxx: Fix out-of-bound access
If an ATU violation was caused by a CPU Load operation, the SPID could
be larger tha…
Update
|
NVD-CWE-noinfo
|
CVE-2024-44988
|
2024-10-11 01:44 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
376
|
- |
|
-
|
-
|
Bitcoin Core before 25.0 allows remote attackers to cause a denial of service (blocktxn message-handling assertion and node exit) by including transactions in a blocktxn message that are not committe…
New
|
-
|
CVE-2024-35202
|
2024-10-11 01:35 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
377
|
6.7 |
MEDIUM
Local
|
linuxfoundation
rdkcentral
google
openwrt
|
yocto
rdk-b
android
openwrt
|
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2023-20831
|
2024-10-11 01:35 |
2023-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
378
|
6.7 |
MEDIUM
Local
|
linuxfoundation
rdkcentral
google
openwrt
|
yocto
rdk-b
android
openwrt
|
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2023-20830
|
2024-10-11 01:35 |
2023-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
379
|
6.7 |
MEDIUM
Local
|
linuxfoundation
rdkcentral
google
openwrt
|
yocto
rdk-b
android
openwrt
|
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2023-20829
|
2024-10-11 01:35 |
2023-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
380
|
6.7 |
MEDIUM
Local
|
linuxfoundation
rdkcentral
google
openwrt
|
yocto
rdk-b
android
openwrt
|
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2023-20828
|
2024-10-11 01:35 |
2023-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
