741
|
6.1 |
MEDIUM
Network
|
sunshinephotocart
|
sunshine_photo_cart
|
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WP Sunshine Sunshine Photo Cart.This issue affects Sunshine Photo Cart: from n/a through 3.2.9.
New
|
CWE-601
Open Redirect
|
CVE-2024-50463
|
2024-10-30 01:25 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
742
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG
When BPF_TRAMP_F_CALL_ORIG is set, the trampoline calls
__bpf_tramp_enter() …
Update
|
NVD-CWE-noinfo
|
CVE-2024-43840
|
2024-10-30 01:25 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
743
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: fix overflow check in adjust_jmp_off()
adjust_jmp_off() incorrectly used the insn->imm field for all overflow check,
which i…
Update
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-43838
|
2024-10-30 01:24 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
744
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free
When calling ext4_force_split_extent_at() in ext4_ext_repl…
Update
|
CWE-415
Double Free
|
CVE-2024-49983
|
2024-10-30 01:23 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
745
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/v3d: Prevent out of bounds access in performance query extensions
Check that the number of perfmons userspace is passing in t…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-49984
|
2024-10-30 01:22 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
746
|
7.5 |
HIGH
Network
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: ethernet: lantiq_etop: fix memory disclosure
When applying padding, the buffer is not zeroed, which results in memory
disclo…
Update
|
CWE-212
Improper Removal of Sensitive Information Before Storage or Transfer
|
CVE-2024-49997
|
2024-10-30 01:20 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
747
|
5.5 |
MEDIUM
Local
|
intel
|
oneapi
|
Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.2 may allow an authenticated user to potentially enable denial of service via local access.
Update
|
NVD-CWE-noinfo
|
CVE-2023-28715
|
2024-10-30 01:16 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
748
|
7.5 |
HIGH
Network
|
-
|
-
|
The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the "fileorganizer_ajax_handler" function in…
New
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-7985
|
2024-10-30 01:15 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
749
|
- |
|
-
|
-
|
An Open-Redirect vulnerability exists in PingAM where well-crafted requests may cause improper validation of redirect URLs. This could allow an attacker to redirect end-users to malicious sites under…
New
|
-
|
CVE-2024-25566
|
2024-10-30 01:15 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
750
|
- |
|
-
|
-
|
Organization admins can delete pending invites created in an organization they are not part of.
New
|
-
|
CVE-2024-10452
|
2024-10-30 01:15 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|