581
|
8.7 |
HIGH
Network
|
umbraco
|
umbraco_cms
|
Umbraco, a free and open source .NET content management system, has a cross-site scripting vulnerability starting in version 14.0.0 and prior to versions 14.3.1 and 15.0.0. This can be leveraged to g…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47819
|
2024-10-25 23:24 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
582
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init()
for_each_pci_dev() is implemented by pci_get_device(). The comm…
|
NVD-CWE-Other
|
CVE-2022-49002
|
2024-10-25 23:24 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
583
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
jfs: Fix uninit-value access of new_ea in ea_buffer
syzbot reports that lzo1x_1_do_compress is using uninit-value:
=============…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-49900
|
2024-10-25 23:24 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
584
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
riscv: Sync efi page table's kernel mappings before switching
The EFI page table is initially created as a copy of the kernel pag…
|
NVD-CWE-noinfo
|
CVE-2022-49004
|
2024-10-25 23:21 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
585
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ASoC: ops: Fix bounds check for _sx controls
For _sx controls the semantics of the max field is not the usual one, max
is the num…
|
NVD-CWE-noinfo
|
CVE-2022-49005
|
2024-10-25 23:17 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
586
|
- |
|
-
|
-
|
Android before 2024-10-05 on Google Pixel devices allows privilege escalation in the ABL component, A-329163861.
|
-
|
CVE-2024-47031
|
2024-10-25 23:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
587
|
- |
|
-
|
-
|
Android before 2024-10-05 on Google Pixel devices allows information disclosure in the ACPM component, A-315191818.
|
-
|
CVE-2024-47030
|
2024-10-25 23:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
588
|
- |
|
-
|
-
|
Android before 2024-10-05 on Google Pixel devices allows privilege escalation in the ABL component, A-330537292.
|
-
|
CVE-2024-47014
|
2024-10-25 23:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
589
|
6.5 |
MEDIUM
Network
|
umbraco
|
umbraco_cms
|
Umbraco, a free and open source .NET content management system, has an improper access control issue starting in version 14.0.0 and prior to version 14.3.0. The issue allows low-privilege users to ac…
|
CWE-284 CWE-863
Improper Access Control Incorrect Authorization
|
CVE-2024-48925
|
2024-10-25 23:12 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
590
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nvme: fix SRCU protection of nvme_ns_head list
Walking the nvme_ns_head siblings list is protected by the head's srcu
in nvme_ns_…
|
CWE-416
Use After Free
|
CVE-2022-49003
|
2024-10-25 23:12 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|