|
2221
|
- |
|
-
|
-
|
A flaw was found in the libreswan client plugin for NetworkManager (NetkworkManager-libreswan), where it fails to properly sanitize the VPN configuration from the local unprivileged user. In this con…
|
CWE-94
Code Injection
|
CVE-2024-9050
|
2024-11-13 06:15 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2222
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: MGMT: Fix possible crash on mgmt_index_removed
If mgmt_index_removed is called while there are commands queued on
cmd_…
|
NVD-CWE-noinfo
|
CVE-2024-49951
|
2024-11-13 06:06 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2223
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: avoid potential underflow in qdisc_pkt_len_init() with UFO
After commit 7c6d2ecbda83 ("net: be more gentle about silly gso
r…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49949
|
2024-11-13 06:03 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2224
|
9.8 |
CRITICAL
Network
eyecix
|
jobsearch_wp_job_board
|
Deserialization of Untrusted Data vulnerability in Eyecix JobSearch allows Object Injection.This issue affects JobSearch: from n/a through 2.5.9.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-47636
|
2024-11-13 05:52 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2225
|
9.8 |
CRITICAL
Network
eyecix
|
jobsearch_wp_job_board
|
Missing Authorization vulnerability in eyecix JobSearch allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JobSearch: from n/a through 2.5.4.
|
CWE-862
Missing Authorization
|
CVE-2024-43929
|
2024-11-13 05:49 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2226
|
8.8 |
HIGH
Network
|
eyecix
|
jobsearch_wp_job_board
|
Missing Authorization vulnerability in eyecix JobSearch allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JobSearch: from n/a through 2.5.4.
|
CWE-862
Missing Authorization
|
CVE-2024-43928
|
2024-11-13 05:49 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2227
|
9.8 |
CRITICAL
Network
wpmanageninja
|
fluent_support
|
Missing Authorization vulnerability in WPManageNinja LLC Fluent Support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fluent Support: from n/a through 1.8…
|
CWE-862
Missing Authorization
|
CVE-2024-47302
|
2024-11-13 05:40 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2228
|
9.8 |
CRITICAL
Network
kraftplugins
|
wheel_of_life
|
Missing Authorization vulnerability in Kraft Plugins Wheel of Life allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wheel of Life: from n/a through 1.1.8.
|
CWE-862
Missing Authorization
|
CVE-2024-47311
|
2024-11-13 05:35 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2229
|
9.8 |
CRITICAL
Network
templately
|
templately
|
Missing Authorization vulnerability in Templately allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Templately: from n/a through 3.1.2.
|
CWE-862
Missing Authorization
|
CVE-2024-47308
|
2024-11-13 05:35 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2230
|
- |
|
-
|
-
|
A maliciously crafted SLDDRW file, when parsed in ODXSW_DLL.dll through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash, read…
|
-
|
CVE-2024-23149
|
2024-11-13 05:35 |
2024-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
