141
|
- |
|
-
|
-
|
Aimeos is an e-commerce framework. All SaaS and marketplace setups using the Aimeos GraphQL API admin interface version from 2024.04 up to 2024.07.1 are affected by a potential denial of service atta…
New
|
CWE-270
Privilege Context Switching Error
|
CVE-2024-47173
|
2024-10-25 04:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
142
|
- |
|
-
|
-
|
baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Edit Email Form Settings Feature. Version 5.1.2 fixes the issue.
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-46998
|
2024-10-25 04:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
143
|
- |
|
-
|
-
|
baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in the Blog posts feature. Version 5.1.2 fixes this issue.
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-46996
|
2024-10-25 04:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
144
|
- |
|
-
|
-
|
baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in HTTP 400 Bad Request. Version 5.1.2 fixes this issue.
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-46995
|
2024-10-25 04:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
145
|
- |
|
-
|
-
|
baserCMS is a website development framework. Versions prior to 5.1.2 have a cross-site scripting vulnerability in Blog posts and Contents list Feature. Version 5.1.2 fixes this issue.
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-46994
|
2024-10-25 04:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
146
|
7.8 |
HIGH
Local
|
intel
|
mpi_library
|
Uncontrolled search path for some Intel(R) MPI Library Software before version 2021.11 may allow an authenticated user to potentially enable escalation of privilege via local access.
Update
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2023-41091
|
2024-10-25 04:14 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
147
|
7.8 |
HIGH
Local
|
intel
|
implicit_spmd_program_compiler
|
Uncontrolled search path in some Intel(R) ISPC software before version 1.21.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Update
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2023-38566
|
2024-10-25 04:14 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
148
|
7.8 |
HIGH
Local
|
intel
|
ethernet_adapter_complete_driver
|
Improper access control element in some Intel(R) Ethernet tools and driver install software, before versions 28.2, may allow an authenticated user to potentially enable escalation of privilege via lo…
Update
|
NVD-CWE-noinfo
|
CVE-2023-39432
|
2024-10-25 04:13 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
149
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
sctp: fix memory leak in sctp_stream_outq_migrate()
When sctp_stream_outq_migrate() is called to release stream out resources,
th…
Update
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-49013
|
2024-10-25 04:09 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
150
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
afs: Fix server->active leak in afs_put_server
The atomic_read was accidentally replaced with atomic_inc_return,
which prevents t…
Update
|
CWE-459
Incomplete Cleanup
|
CVE-2022-49012
|
2024-10-25 04:07 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|