|
1001
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
mailbox: mtk-cmdq: Fix pm_runtime_get_sync() warning in mbox shutdown
The return value of pm_runtime_get_sync() in cmdq_mbox_shut…
Update
|
-
|
CVE-2024-39492
|
2024-10-31 06:35 |
2024-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1002
|
- |
|
-
|
-
|
A vulnerability in Node.js has been identified, allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch() function to retrieve content from an untrusted URL.
Th…
Update
|
-
|
CVE-2024-22025
|
2024-10-31 06:35 |
2024-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1003
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted…
Update
|
NVD-CWE-noinfo
|
CVE-2024-23850
|
2024-10-31 06:35 |
2024-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1004
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mac80211: validate extended element ID is present
Before attempting to parse an extended element, verify that
the extended elemen…
Update
|
NVD-CWE-noinfo
|
CVE-2021-47611
|
2024-10-31 06:32 |
2024-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1005
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
firmware: arm_scpi: Fix string overflow in SCPI genpd driver
Without the bound checks for scpi_pd->name, it could result in the b…
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2021-47609
|
2024-10-31 06:31 |
2024-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1006
|
8.8 |
HIGH
Network
|
zimbra
|
collaboration
|
An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9, 9.0.0 before Patch 41, and 8.8.15 before Patch 46. It allows authenticated users to exploit Server-Si…
Update
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2024-45518
|
2024-10-31 06:23 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1007
|
7.8 |
HIGH
Local
|
ysoft
|
safeq
|
A Local Privilege Escalation issue was discovered in Y Soft SAFEQ 6 Build 53. The SafeQ JMX service running on port 9696 is vulnerable to JMX MLet attacks. Because the service did not enforce authent…
Update
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2022-23862
|
2024-10-31 06:21 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1008
|
9.8 |
CRITICAL
Network
riskengine
|
radar
|
A vulnerability was found in wfh45678 Radar up to 1.0.8 and classified as critical. This issue affects some unknown processing of the component Interface Handler. The manipulation with the input /../…
Update
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-10121
|
2024-10-31 06:21 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1009
|
7.8 |
HIGH
Local
|
helakuru
|
helakuru
|
An issue in Helakuru Desktop Application v1.1 allows a local attacker to execute arbitrary code via the lack of proper validation of the wow64log.dll file.
Update
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-48605
|
2024-10-31 06:19 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1010
|
4.9 |
MEDIUM
Network
|
i13websolution
|
photo_gallery_slideshow_\&_masonry_tiled_gallery
|
The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.3 due to insufficient escaping…
Update
|
CWE-89
SQL Injection
|
CVE-2019-25218
|
2024-10-31 06:18 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
