1111
|
7.8 |
HIGH
Local
|
adobe
|
substance_3d_painter
|
Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-49520
|
2024-11-14 03:51 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1112
|
7.8 |
HIGH
Local
|
adobe
|
substance_3d_painter
|
Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-47427
|
2024-11-14 03:48 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1113
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
sock_map: fix a NULL pointer dereference in sock_map_link_update_prog()
The following race condition could trigger a NULL pointer…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50260
|
2024-11-14 03:47 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1114
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fbdev: efifb: Register sysfs groups through driver core
The driver core can register and cleanup sysfs groups already.
Make use o…
|
CWE-416
Use After Free
|
CVE-2024-49925
|
2024-11-14 03:47 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1115
|
5.3 |
MEDIUM
Network
level1
|
wbr-6012_firmware
|
The LevelOne WBR-6012 router contains a vulnerability within its web application that allows unauthenticated disclosure of sensitive information, such as the WiFi WPS PIN, through a hidden page acces…
|
NVD-CWE-noinfo
|
CVE-2024-33626
|
2024-11-14 03:43 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1116
|
7.5 |
HIGH
Network
level1
|
wbr-6012_firmware
|
A denial of service vulnerability exists in the Web Application functionality of LevelOne WBR-6012 R0.40e6. A specially crafted HTTP request can lead to a reboot. An attacker can send an HTTP request…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2024-33623
|
2024-11-14 03:43 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1117
|
7.5 |
HIGH
Network
opensourcelabs
|
skyscraper
|
SkyScrape is a GUI Dashboard for AWS Infrastructure and Managing Resources and Usage Costs. SkyScrape's API requests are currently unsecured HTTP requests, leading to potential vulnerabilities for t…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2024-37163
|
2024-11-14 03:42 |
2024-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1118
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
thunderbolt: Fix KASAN reported stack out-of-bounds read in tb_retimer_scan()
KASAN reported following issue:
BUG: KASAN: stack…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-50227
|
2024-11-14 03:39 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1119
|
5.3 |
MEDIUM
Network
level1
|
wbr-6012_firmware
|
The LevelOne WBR-6012 router has an information disclosure vulnerability in its web application, which allows unauthenticated users to access a verbose system log page and obtain sensitive data, such…
|
NVD-CWE-noinfo
|
CVE-2024-33603
|
2024-11-14 03:39 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1120
|
5.9 |
MEDIUM
Network
|
level1
|
wbr-6012_firmware
|
A vulnerability in the LevelOne WBR-6012 router's firmware version R0.40e6 allows sensitive information to be transmitted in cleartext via Web and FTP services, exposing it to network sniffing attack…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2024-32946
|
2024-11-14 03:39 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|