|
771
|
7.4 |
HIGH
Network
|
bitdefender
|
total_security
|
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software trusts a certificate issued by an entity that isn't authorized to issue certificates.…
Update
|
CWE-295
Improper Certificate Validation
|
CVE-2023-49570
|
2024-10-23 01:26 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
772
|
9.8 |
CRITICAL
Network
hikvision
|
hikcentral_master
|
There is a CSV injection vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could build malicious data to generate executable commands in the CSV file.
Update
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2024-47485
|
2024-10-23 01:23 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
773
|
5.4 |
MEDIUM
Network
|
gurieveugen\&vitaliyshebela
|
branding
|
The Branding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escapin…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9452
|
2024-10-23 01:23 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
774
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to check atomic_file in f2fs ioctl interfaces
Some f2fs ioctl interfaces like f2fs_ioc_set_pin_file(),
f2fs_move_file_r…
New
|
CWE-362
Race Condition
|
CVE-2024-49859
|
2024-10-23 01:13 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
775
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nbd: fix race between timeout and normal completion
If request timetout is handled by nbd_requeue_cmd(), normal completion
has to…
New
|
CWE-416
Use After Free
|
CVE-2024-49855
|
2024-10-23 01:12 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
776
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos
In case of malformed relocation record of kind BPF_CORE_TYPE_ID_LOCA…
New
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49850
|
2024-10-23 01:12 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
777
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mm/hugetlb.c: fix UAF of vma in hugetlb fault pathway
Syzbot reports a UAF in hugetlb_fault(). This happens because
vmf_anon_pre…
New
|
CWE-416
Use After Free
|
CVE-2024-47676
|
2024-10-23 01:12 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
778
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
media: mediatek: vcodec: Fix H264 stateless decoder smatch warning
Fix a smatch static checker warning on vdec_h264_req_if.c.
Whi…
New
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-47752
|
2024-10-23 01:11 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
779
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition
In the ether3_probe function, a timer is initi…
New
|
CWE-416
Use After Free
|
CVE-2024-47747
|
2024-10-23 01:11 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
780
|
6.1 |
MEDIUM
Network
|
hikvision
|
hikcentral_master
|
There is an XSS vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could inject scripts into certain pages by building malicious data.
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-47486
|
2024-10-23 01:11 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
