|
261
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
veth: ensure skb entering GRO are not cloned.
After commit d3256efd8e8b ("veth: allow enabling NAPI even without XDP"),
if GRO is…
Update
|
-
|
CVE-2021-47099
|
2024-11-1 00:35 |
2024-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
262
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
powerpc/64s: Fix pte update for kernel memory on radix
When adding a PTE a ptesync is needed to order the update of the PTE
with …
Update
|
-
|
CVE-2021-47034
|
2024-11-1 00:35 |
2024-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263
|
- |
|
-
|
-
|
Out of bounds memory access in Blink in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Hig…
Update
|
-
|
CVE-2024-1669
|
2024-11-1 00:35 |
2024-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264
|
- |
|
-
|
-
|
In multiple locations, there is a possible out of bounds read due to a missing bounds check. This could lead to paired device information disclosure with no additional execution privileges needed. Us…
Update
|
-
|
CVE-2024-0016
|
2024-11-1 00:35 |
2024-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265
|
7.5 |
HIGH
Network
crestron
|
cp3n_6505417_firmware
cp3_6504877_firmware
cp3-gv_6506034_firmware
|
On Crestron 3-Series Control Systems before 1.8001.0187, crafting and sending a specific BACnet packet can cause a crash.
Update
|
NVD-CWE-noinfo
|
CVE-2023-38405
|
2024-11-1 00:35 |
2023-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
266
|
4.9 |
MEDIUM
Network
|
funadmin
|
funadmin
|
Funadmin v5.0.2 has an arbitrary file read vulnerability in /curd/index/editfile.
Update
|
CWE-22
Path Traversal
|
CVE-2024-48224
|
2024-11-1 00:32 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267
|
6.1 |
MEDIUM
Network
|
manzurulhaque
|
banner_slider
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Manzurul Haque Banner Slider allows Reflected XSS.This issue affects Banner Slider: from n…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-49635
|
2024-11-1 00:27 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268
|
5.3 |
MEDIUM
Network
hcltech
|
sametime
|
HCL Sametime is impacted by the error messages containing sensitive information. An attacker can use this information to launch another, more focused attack.
Update
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2023-50355
|
2024-11-1 00:18 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
269
|
7.5 |
HIGH
Network
mozilla
|
thunderbird
firefox
|
An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR <…
New
|
CWE-416
Use After Free
|
CVE-2024-10459
|
2024-11-1 00:16 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
270
|
- |
|
-
|
-
|
DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify was vulnerable to prototype pollution. This vulnerability is fixed in 2.4.2.
New
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2024-48910
|
2024-11-1 00:15 |
2024-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
