291
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
riscv, bpf: Fix out-of-bounds issue when preparing trampoline image
We get the size of the trampoline image during the dry run ph…
Update
|
CWE-131
Incorrect Calculation of Buffer Size
|
CVE-2024-43843
|
2024-10-30 01:29 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
292
|
3.3 |
LOW
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: virt_wifi: avoid reporting connection success with wrong SSID
When user issues a connection with a different SSID than the …
Update
|
NVD-CWE-noinfo
|
CVE-2024-43841
|
2024-10-30 01:27 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
293
|
6.1 |
MEDIUM
Network
|
sunshinephotocart
|
sunshine_photo_cart
|
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WP Sunshine Sunshine Photo Cart.This issue affects Sunshine Photo Cart: from n/a through 3.2.9.
New
|
CWE-601
Open Redirect
|
CVE-2024-50463
|
2024-10-30 01:25 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
294
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG
When BPF_TRAMP_F_CALL_ORIG is set, the trampoline calls
__bpf_tramp_enter() …
Update
|
NVD-CWE-noinfo
|
CVE-2024-43840
|
2024-10-30 01:25 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
295
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: fix overflow check in adjust_jmp_off()
adjust_jmp_off() incorrectly used the insn->imm field for all overflow check,
which i…
Update
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-43838
|
2024-10-30 01:24 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
296
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free
When calling ext4_force_split_extent_at() in ext4_ext_repl…
Update
|
CWE-415
Double Free
|
CVE-2024-49983
|
2024-10-30 01:23 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
297
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/v3d: Prevent out of bounds access in performance query extensions
Check that the number of perfmons userspace is passing in t…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-49984
|
2024-10-30 01:22 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
298
|
7.5 |
HIGH
Network
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: ethernet: lantiq_etop: fix memory disclosure
When applying padding, the buffer is not zeroed, which results in memory
disclo…
Update
|
CWE-212
Improper Removal of Sensitive Information Before Storage or Transfer
|
CVE-2024-49997
|
2024-10-30 01:20 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
299
|
5.5 |
MEDIUM
Local
|
intel
|
oneapi
|
Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.2 may allow an authenticated user to potentially enable denial of service via local access.
Update
|
NVD-CWE-noinfo
|
CVE-2023-28715
|
2024-10-30 01:16 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
300
|
7.5 |
HIGH
Network
|
-
|
-
|
The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the "fileorganizer_ajax_handler" function in…
New
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-7985
|
2024-10-30 01:15 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|