1071
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_socket: fix sk refcount leaks
We must put 'sk' reference before returning.
|
NVD-CWE-Other
|
CVE-2024-46855
|
2024-10-2 22:21 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1072
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: Fix the warning division or modulo by zero
Checks the partition mode and returns an error for an invalid mode.
|
CWE-369
Divide By Zero
|
CVE-2024-46806
|
2024-10-2 22:17 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1073
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: fix the waring dereferencing hive
Check the amdgpu_hive_info *hive that maybe is NULL.
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46805
|
2024-10-2 21:58 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1074
|
9.8 |
CRITICAL
Network
code-projects
|
blood_bank_system
|
A vulnerability was found in code-projects Blood Bank System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /forgot.php. The manipulation of the argument u…
|
CWE-89
SQL Injection
|
CVE-2024-9327
|
2024-10-2 21:57 |
2024-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1075
|
9.8 |
CRITICAL
Network
-
|
-
|
An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive messages, including GET/SET configuration commands, reboot commands and firmware updates.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2023-1083
|
2024-10-2 15:15 |
2024-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1076
|
5.3 |
MEDIUM
Local
|
wago
|
compact_controller_100_firmware edge_controller_firmware pfc100_firmware pfc200_firmware touch_panel_600_advanced_firmware touch_panel_600_marine_firmware touch_panel_600_standard_f…
|
Wago web-based management of multiple products has a vulnerability which allows an local authenticated attacker to change the passwords of other non-admin users and thus to escalate non-root privile…
|
CWE-863
Incorrect Authorization
|
CVE-2023-3379
|
2024-10-2 15:15 |
2023-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1077
|
8.8 |
HIGH
Network
|
codesys
|
development_system
|
In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity check might allow an unauthenticated remote attacker to manipulate the content of notifications received…
|
CWE-940
Improper Verification of Source of a Communication Channel
|
CVE-2023-3663
|
2024-10-2 15:15 |
2023-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1078
|
8.8 |
HIGH
Network
|
taphome
|
core_firmware
|
A hidden API exists in TapHome's core platform before version 2023.2 that allows an authenticated, low privileged user to change passwords of other users without any prior knowledge. The attacker may…
|
CWE-863
Incorrect Authorization
|
CVE-2023-2759
|
2024-10-2 15:15 |
2023-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1079
|
4.9 |
MEDIUM
Network
|
wago
|
750-331_firmware 750-8202_firmware 750-8202\/000-011_firmware 750-8202\/000-012_firmware 750-8202\/000-022_firmware 750-8202\/025-000_firmware 750-8202\/025-001_firmware 750-8202…
|
Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by sending a specifically crafted packet to the CODESYS V2 runtime.
|
CWE-1288
Improper Validation of Consistency within Input
|
CVE-2023-1620
|
2024-10-2 15:15 |
2023-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1080
|
4.3 |
MEDIUM
Network
|
mbconnectline
|
mbconnect24 mymbconnect24
|
Exposure of Sensitive Information to an unauthorized actor vulnerability in MB Connect Lines mbCONNECT24, mymbCONNECT24 and Helmholz' myREX24 and myREX24.virtual in versions <=2.13.3 allow an authori…
|
CWE-863
Incorrect Authorization
|
CVE-2023-1779
|
2024-10-2 15:15 |
2023-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|