141
|
- |
|
-
|
-
|
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Monterey 12.7.5, macOS Ventura 13.6.5, macOS Sonoma 14.4. A malicious application may be able t…
Update
|
-
|
CVE-2024-23229
|
2024-10-31 05:35 |
2024-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
142
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()
nft_unregister_expr() can concurrent with __nft_expr_type_…
Update
|
CWE-362
Race Condition
|
CVE-2024-27020
|
2024-10-31 05:35 |
2024-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
143
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix hashtab overflow check on 32-bit arches
The hashtab code relies on roundup_pow_of_two() to compute the number of
hash bu…
Update
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2024-26884
|
2024-10-31 05:35 |
2024-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
144
|
- |
|
-
|
-
|
In flashc, there is a possible information disclosure due to an uncaught exception. This could lead to local information disclosure with System execution privileges needed. User interaction is not ne…
Update
|
-
|
CVE-2024-20050
|
2024-10-31 05:35 |
2024-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
145
|
4.3 |
MEDIUM
Network
|
apple
|
ipad_os iphone_os macos safari
|
This issue was addressed through improved state management. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4. Private Browsing tabs may be accessed without authenticati…
Update
|
NVD-CWE-noinfo
|
CVE-2024-23273
|
2024-10-31 05:35 |
2024-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
146
|
- |
|
-
|
-
|
A DOM based cross-site scripting (XSS) vulnerability in the component /dom/ranges/Range-test-iframe.html of web-platform-tests/wpt before commit 938e843 allows attackers to execute arbitrary Javascri…
Update
|
-
|
CVE-2024-26466
|
2024-10-31 05:35 |
2024-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
147
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
LoongArch: BPF: Prevent out-of-bounds memory access
The test_tag test triggers an unhandled page fault:
# ./test_tag
[ 130.…
Update
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2024-26588
|
2024-10-31 05:35 |
2024-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
148
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_set_rbtree: skip end interval element from gc
rbtree lazy gc on insert might collect an end interval element that …
Update
|
NVD-CWE-noinfo
|
CVE-2024-26581
|
2024-10-31 05:35 |
2024-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
149
|
5.3 |
MEDIUM
Network
motorola
|
cx2l_firmware
|
A hidden interface in Motorola CX2L Router firmware v1.0.1 leaks information regarding the SystemWizardStatus component via sending a crafted request to device_web_ip.
Update
|
NVD-CWE-noinfo
|
CVE-2024-25360
|
2024-10-31 05:35 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
150
|
7.5 |
HIGH
Network
expressvpn
|
expressvpn
|
ExpressVPN before 12.73.0 on Windows, when split tunneling is used, sends DNS requests according to the Windows configuration (e.g., sends them to DNS servers operated by the user's ISP instead of to…
Update
|
NVD-CWE-noinfo
|
CVE-2024-25728
|
2024-10-31 05:35 |
2024-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|