301
|
4.3 |
MEDIUM
Network
|
wpbeginner
|
transients_manager
|
The Transients Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.6. This is due to missing or incorrect nonce validation on the proces…
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-10045
|
2024-10-26 03:52 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
302
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
gpiolib: fix memory leak in gpiochip_setup_dev()
Here is a backtrace report about memory leak detected in
gpiochip_setup_dev():
…
Update
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48975
|
2024-10-26 03:48 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
303
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
can: af_can: fix NULL pointer dereference in can_rcv_filter
Analogue to commit 8aa59e355949 ("can: af_can: fix NULL pointer
deref…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-48977
|
2024-10-26 03:47 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
304
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: flowtable_offload: fix using __this_cpu_add in preemptible
flow_offload_queue_work() can be called in workqueue withou…
Update
|
NVD-CWE-noinfo
|
CVE-2022-48976
|
2024-10-26 03:47 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
305
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
HID: core: fix shift-out-of-bounds in hid_report_raw_event
Syzbot reported shift-out-of-bounds in hid_report_raw_event.
microsof…
Update
|
NVD-CWE-Other
|
CVE-2022-48978
|
2024-10-26 03:46 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
306
|
5.4 |
MEDIUM
Network
|
itssglobal
|
imlog
|
A cross-site scripting (XSS) vulnerability in the User Maintenance section of ITSS iMLog v1.307 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-22855
|
2024-10-26 03:41 |
2024-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
307
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: fix array index out of bound error in DCN32 DML
[Why&How]
LinkCapacitySupport array is indexed with the number o…
Update
|
CWE-129
Improper Validation of Array Index
|
CVE-2022-48979
|
2024-10-26 03:40 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
308
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing()
The SJA1105 family has 45 L2 policing table entries
(…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2022-48980
|
2024-10-26 03:36 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
309
|
- |
|
-
|
-
|
Studio 42 elFinder 2.1.64 is vulnerable to Incorrect Access Control. Copying files with an unauthorized extension between server directories allows an arbitrary attacker to expose secrets, perform RC…
Update
|
-
|
CVE-2024-38909
|
2024-10-26 03:35 |
2024-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
310
|
- |
|
-
|
-
|
An issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. There is Incorrect Access Control.
Update
|
-
|
CVE-2024-28805
|
2024-10-26 03:35 |
2024-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|