2181
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
CWE-787
Out-of-bounds Write
|
CVE-2024-8636
|
2024-09-13 23:35 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2182
|
4.3 |
MEDIUM
Network
|
bricksbuilder
|
bricks
|
The Bricks theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.1. This is due to missing or incorrect nonce validation on the 'reset_settings' functi…
|
CWE-352
Origin Validation Error
|
CVE-2023-3409
|
2024-09-13 23:34 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2183
|
5.4 |
MEDIUM
Network
|
cyberchimps
|
responsive_blocks
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CyberChimps Responsive Blocks – WordPress Gutenberg Blocks allows Stored XSS.This issue af…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43335
|
2024-09-13 23:25 |
2024-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2184
|
5.4 |
MEDIUM
Network
|
bdthemes
|
ultimate_store_kit
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BdThemes Ultimate Store Kit Elementor Addons allows Stored XSS.This issue affects Ultimate…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43342
|
2024-09-13 23:11 |
2024-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2185
|
- |
|
-
|
-
|
A vulnerability in the MSC800 allows an unauthenticated attacker to modify the product’s IP
address over Sopas ET.
This can lead to Denial of Service.
Users are recommended to upgrade both
MSC800 a…
|
-
|
CVE-2024-8751
|
2024-09-13 23:06 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2186
|
8.8 |
HIGH
Network
|
italtel
|
embrace
|
An issue was discovered in Italtel Embrace 1.6.4. The web application inserts the access token of an authenticated user inside GET requests. The query string for the URL could be saved in the browser…
|
NVD-CWE-noinfo
|
CVE-2024-31842
|
2024-09-13 23:05 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2187
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: qgroup: do not warn on record without old_roots populated
[BUG]
There are some reports from the mailing list that since v6…
|
NVD-CWE-noinfo
|
CVE-2023-52897
|
2024-09-13 22:52 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2188
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
xhci: Fix null pointer dereference when host dies
Make sure xhci_free_dev() and xhci_kill_endpoint_urbs() do not race
and cause n…
|
CWE-476
NULL Pointer Dereference
|
CVE-2023-52898
|
2024-09-13 22:46 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2189
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
Add exception protection processing for vd in axi_chan_handle_err function
Since there is no protection for vd, a kernel panic wi…
|
CWE-476
NULL Pointer Dereference
|
CVE-2023-52899
|
2024-09-13 22:44 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2190
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: fix general protection fault in nilfs_btree_insert()
If nilfs2 reads a corrupted disk image and tries to reads a b-tree n…
|
NVD-CWE-noinfo
|
CVE-2023-52900
|
2024-09-13 22:40 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|