731
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Paint in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data outside an iframe via a crafted HTML page. (Chrome security severity: …
Update
|
NVD-CWE-noinfo
|
CVE-2022-4025
|
2024-10-30 01:35 |
2023-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
732
|
4.9 |
MEDIUM
Network
|
atlassian
|
jira_align
|
The ManageJiraConnectors API in Atlassian Jira Align before version 10.109.2 allows remote attackers to exploit this issue to access internal network resources via a Server-Side Request Forgery. This…
Update
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2022-36802
|
2024-10-30 01:35 |
2022-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
733
|
6.1 |
MEDIUM
Network
|
atlassian
|
jira_data_center jira_server
|
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a Reflected Cross-Site Scripting (RXSS) vulnerability in the Tea…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2022-36801
|
2024-10-30 01:35 |
2022-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
734
|
4.3 |
MEDIUM
Network
|
atlassian
|
jira_service_management
|
Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers without the "Browse Users" permission to view groups via an Information Disclosure vulnerability i…
Update
|
NVD-CWE-noinfo
|
CVE-2022-36800
|
2024-10-30 01:35 |
2022-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
735
|
6.5 |
MEDIUM
Network
|
atlassian
|
jira_service_management jira_data_center jira_server jira_service_desk
|
A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user (including a user who joined via the sign-up feature) to perform a full read server-side request f…
Update
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2022-26135
|
2024-10-30 01:35 |
2022-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
736
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
usb: gadget: uvc: Prevent buffer overflow in setup handler
Setup function uvc_function_setup permits control transfer
requests wi…
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2022-48948
|
2024-10-30 01:34 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
737
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
igb: Initialize mailbox message for VF reset
When a MAC address is not assigned to the VF, that portion of the message
sent to th…
Update
|
CWE-908
Use of Uninitialized Resource
|
CVE-2022-48949
|
2024-10-30 01:32 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
738
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
uprobe: avoid out-of-bounds memory access of fetching args
Uprobe needs to fetch args into a percpu buffer, and then copy to ring…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-50067
|
2024-10-30 01:30 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
739
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
riscv, bpf: Fix out-of-bounds issue when preparing trampoline image
We get the size of the trampoline image during the dry run ph…
Update
|
CWE-131
Incorrect Calculation of Buffer Size
|
CVE-2024-43843
|
2024-10-30 01:29 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
740
|
3.3 |
LOW
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: virt_wifi: avoid reporting connection success with wrong SSID
When user issues a connection with a different SSID than the …
Update
|
NVD-CWE-noinfo
|
CVE-2024-43841
|
2024-10-30 01:27 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|