931
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc()
We handle errors here properly, ENOMEM isn't fa…
Update
|
NVD-CWE-noinfo
|
CVE-2024-46841
|
2024-10-9 03:17 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
932
|
8.8 |
HIGH
Network
|
emiloimagtolis
|
online_discussion_forum
|
File Upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0 allows a remote attacker to execute arbitrary code via the "sendreply.php" file, and the uploaded file was received usi…
Update
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-37868
|
2024-10-9 03:16 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
933
|
8.8 |
HIGH
Network
|
emiloimagtolis
|
online_discussion_forum
|
File Upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0 allows a remote attacker to execute arbitrary code via the "poster.php" file, and the uploaded file was received using …
Update
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-37869
|
2024-10-9 03:15 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
934
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: clean up our handling of refs == 0 in snapshot delete
In reada we BUG_ON(refs == 0), which could be unkind since we aren't…
Update
|
NVD-CWE-noinfo
|
CVE-2024-46840
|
2024-10-9 03:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
935
|
5.4 |
MEDIUM
Network
|
kraftplugins
|
demo_importer_plus
|
The Demo Importer Plus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.0.1 due to insufficient input sanitization and ou…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9172
|
2024-10-9 03:05 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
936
|
7.5 |
HIGH
Network
cisco
|
meraki_z4c_firmware meraki_z4_firmware meraki_z3c_firmware meraki_z3_firmware meraki_vmx_firmware meraki_mx600_firmware meraki_mx450_firmware meraki_mx400_firmware meraki_mx25…
|
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS cond…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-20499
|
2024-10-9 02:45 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
937
|
7.5 |
HIGH
Network
cisco
|
meraki_z4c_firmware meraki_z4_firmware meraki_z3c_firmware meraki_z3_firmware meraki_vmx_firmware meraki_mx600_firmware meraki_mx450_firmware meraki_mx400_firmware meraki_mx25…
|
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in …
Update
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-20500
|
2024-10-9 02:37 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
938
|
7.8 |
HIGH
Local
|
atlassian
|
confluence_data_center confluence_server
|
Affected versions of Atlassian Confluence Server and Data Center allow authenticated local attackers to achieve elevated privileges on the local system via a DLL Hijacking vulnerability in the Conflu…
Update
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2021-43940
|
2024-10-9 02:35 |
2022-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
939
|
7.5 |
HIGH
Network
microsoft
|
visual_studio_2022 .net
|
.NET and Visual Studio Denial of Service Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-30105
|
2024-10-9 02:15 |
2024-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
940
|
- |
|
-
|
-
|
There is a difficult to exploit improper authentication issue in the Home application for Esri Portal for ArcGIS versions 10.8.1 through 11.2 on Windows and Linux, and ArcGIS Enterprise 11.1 and belo…
Update
|
CWE-287
Improper Authentication
|
CVE-2024-25699
|
2024-10-9 02:15 |
2024-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|