81
|
- |
|
-
|
-
|
An issue discovered in 360 Total Security Antivirus through 11.0.0.1061 for Windows allows attackers to gain escalated privileges via Symbolic Link Follow to Arbitrary File Delete.
Update
|
-
|
CVE-2024-22014
|
2024-10-26 06:35 |
2024-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
82
|
- |
|
-
|
-
|
JFreeChart v1.5.4 was discovered to contain a NullPointerException via the component /labels/BubbleXYItemLabelGenerator.java. NOTE: this is disputed by multiple third parties who believe there was no…
Update
|
-
|
CVE-2024-23076
|
2024-10-26 06:35 |
2024-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
83
|
- |
|
-
|
-
|
In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges needed
Update
|
-
|
CVE-2023-52533
|
2024-10-26 06:35 |
2024-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
84
|
5.5 |
MEDIUM
Local
|
skoda-auto
|
superb_3_firmware
|
By sending a specific reset UDS request via OBDII port of Skoda vehicles, it is possible to cause vehicle engine shutdown and denial of service of other vehicle components even when the vehicle is mo…
Update
|
NVD-CWE-noinfo
|
CVE-2023-28899
|
2024-10-26 06:35 |
2024-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
85
|
9.8 |
CRITICAL
Network
totolink
|
ex1800t_firmware
|
TOTOlink EX1800T V9.1.0cu.2112_B20220316 was discovered to contain a remote command execution (RCE) vulnerability via the telnet_enabled parameter of the setTelnetCfg interface
Update
|
NVD-CWE-noinfo
|
CVE-2023-52026
|
2024-10-26 06:35 |
2024-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
86
|
5.5 |
MEDIUM
Local
|
bpsoft
|
hex_workshop
|
A denial service vulnerability has been found on Hex Workshop affecting version 6.7, an attacker could send a command line file arguments and control the Structured Exception Handler (SEH) records r…
Update
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2024-0429
|
2024-10-26 06:35 |
2024-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
87
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
NFC: nci: Bounds check struct nfc_target arrays
While running under CONFIG_FORTIFY_SOURCE=y, syzkaller reported:
memcpy: detec…
Update
|
CWE-129
Improper Validation of Array Index
|
CVE-2022-48967
|
2024-10-26 06:27 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
88
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
octeontx2-pf: Fix potential memory leak in otx2_init_tc()
In otx2_init_tc(), if rhashtable_init() failed, it does not free
tc->tc…
Update
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48968
|
2024-10-26 06:26 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
89
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
xen-netfront: Fix NULL sring after live migration
A NAPI is setup for each network sring to poll data to kernel
The sring with so…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-48969
|
2024-10-26 06:22 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
90
|
5.3 |
MEDIUM
Network
servmask
|
all-in-one_wp_migration
|
The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.86 through publicly exposed log files. This makes i…
Update
|
NVD-CWE-noinfo
|
CVE-2024-8852
|
2024-10-26 06:20 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|