1071
|
8.2 |
HIGH
Network
|
openpetra
|
openpetra
|
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMCommon.asmx function.
|
CWE-79
Cross-site Scripting
|
CVE-2024-40510
|
2024-10-5 03:28 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1072
|
8.8 |
HIGH
Network
|
themewinter
|
eventin
|
The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.0.8 via multiple style paramete…
|
CWE-22
Path Traversal
|
CVE-2024-7149
|
2024-10-5 03:23 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1073
|
4.8 |
MEDIUM
Network
|
ampache
|
ampache
|
Ampache is a web based audio/video streaming application and file manager. Prior to version 6.6.0, the Democratic Playlist Name is vulnerable to a stored cross-site scripting. Version 6.6.0 fixes thi…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47184
|
2024-10-5 03:19 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1074
|
4.3 |
MEDIUM
Network
|
bg5sbk
|
minicms
|
A vulnerability was found in bg5sbk MiniCMS up to 1.11 and classified as problematic. This issue affects some unknown processing of the file post-edit.php. The manipulation leads to cross-site reques…
|
CWE-352
Origin Validation Error
|
CVE-2024-9281
|
2024-10-5 03:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1075
|
9.8 |
CRITICAL
Network
kvf-admin_project
|
kvf-admin
|
A vulnerability has been found in kalvinGit kvf-admin up to f12a94dc1ebb7d1c51ee978a85e4c7ed75c620ff and classified as critical. This vulnerability affects the function fileUpload of the file FileUpl…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-9280
|
2024-10-5 03:00 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1076
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Add array index check for hdcp ddc access
[Why]
Coverity reports OVERRUN warning. Do not check if array
index va…
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-46804
|
2024-10-5 02:51 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1077
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amdkfd: Check debug trap enable before write dbg_ev_file
In interrupt context, write dbg_ev_file will be run by work queue. I…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46803
|
2024-10-5 02:45 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1078
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ
Make sure the connector is fully initialized…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46810
|
2024-10-5 02:43 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1079
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/amdgpu: Check tbo resource pointer
Validate tbo resource pointer, skip if NULL
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46807
|
2024-10-5 02:40 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1080
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Check link_index before accessing dc->links[]
[WHY & HOW]
dc->links[] has max size of MAX_LINKS and NULL is retu…
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-46813
|
2024-10-5 02:38 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|