2181
|
7.5 |
HIGH
Network
samsung
|
exynos_850_firmware exynos_1080_firmware exynos_2100_firmware exynos_2200_firmware exynos_1280_firmware exynos_1380_firmware exynos_1330_firmware exynos_w930_firmware
|
A vulnerability was discovered in Samsung Mobile Processors Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, and Exynos W930 where they do not properly check …
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2024-27360
|
2024-10-31 05:35 |
2024-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2182
|
4.3 |
MEDIUM
Network
|
mozilla
|
firefox thunderbird
|
Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox …
|
NVD-CWE-noinfo
|
CVE-2024-6610
|
2024-10-31 05:35 |
2024-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2183
|
- |
|
-
|
-
|
A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunde…
|
-
|
CVE-2024-6601
|
2024-10-31 05:35 |
2024-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2184
|
6.5 |
MEDIUM
Network
|
openstack
|
nova glance cinder
|
An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom QCOW2 external data. By supplying a crafted QCOW2 …
|
NVD-CWE-noinfo
|
CVE-2024-32498
|
2024-10-31 05:35 |
2024-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2185
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
PCI: of_property: Return error for int_map allocation failure
Return -ENOMEM from of_pci_prop_intr_map() if kcalloc() fails to pr…
|
-
|
CVE-2024-34030
|
2024-10-31 05:35 |
2024-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2186
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: nl80211: Avoid address calculations via out of bounds array indexing
Before request->channels[] can be used, request->n_cha…
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-38562
|
2024-10-31 05:35 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2187
|
- |
|
-
|
-
|
Improper removal of sensitive information in data source export feature in Devolutions Remote Desktop Manager 2024.1.32.0 and earlier on Windows allows an attacker that obtains the exported settings …
|
-
|
CVE-2024-6055
|
2024-10-31 05:35 |
2024-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2188
|
5.5 |
MEDIUM
Local
|
apple
|
macos iphone_os ipados watchos
|
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, watchOS 10.5, iOS 17.5 and iPadOS 17.5, iOS 16.7.8 and iPadOS 16.7.8. A maliciously crafted email may be able t…
|
NVD-CWE-noinfo
|
CVE-2024-23282
|
2024-10-31 05:35 |
2024-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2189
|
6.5 |
MEDIUM
Network
|
codepeople
|
music_store
|
SQL injection vulnerability in Music Store - WordPress eCommerce versions prior to 1.1.14 allows a remote authenticated attacker with an administrative privilege to execute arbitrary SQL commands. In…
|
CWE-89
SQL Injection
|
CVE-2024-36082
|
2024-10-31 05:35 |
2024-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2190
|
- |
|
-
|
-
|
Hw64.sys in Marvin Test HW.exe before 5.0.5.0 allows unprivileged user-mode processes to arbitrarily map physical memory with read/write access via the MmMapIoSpace API (IOCTL 0x9c40a4f8, 0x9c40a4e8,…
|
-
|
CVE-2024-36055
|
2024-10-31 05:35 |
2024-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|