|
314401
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Increase array size of dummy_boolean
[WHY]
dml2_core_shared_mode_support and dml_core_mode_support access the th…
|
NVD-CWE-noinfo
|
CVE-2024-49971
|
2024-11-2 04:59 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314402
|
6.7 |
MEDIUM
Local
|
cisco
|
adaptive_security_appliance_software
firepower_threat_defense_software
|
A vulnerability in the VPN web server of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arb…
|
CWE-94
Code Injection
|
CVE-2024-20485
|
2024-11-2 04:50 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314403
|
6.5 |
MEDIUM
Network
|
cisco
|
secure_firewall_management_center
|
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote at…
|
CWE-863
Incorrect Authorization
|
CVE-2024-20482
|
2024-11-2 04:49 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314404
|
9.0 |
CRITICAL
Network
|
lollms
|
lord_of_large_language_models
|
A vulnerability in the discussion image upload function of the Lollms application, version v9.9, allows for the uploading of SVG files. Due to incomplete filtering in the sanitize_svg function, this …
|
CWE-79
Cross-site Scripting
|
CVE-2024-6581
|
2024-11-2 04:38 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314405
|
6.5 |
MEDIUM
Network
|
trendmicro
|
deep_discovery_inspector
|
A vulnerability in Trend Micro Deep Discovery Inspector (DDI) versions 5.8 and above could allow an attacker to disclose sensitive information affected installations.
Please note: an attacker must…
|
NVD-CWE-noinfo
|
CVE-2024-46903
|
2024-11-2 04:35 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314406
|
- |
|
-
|
-
|
Tacquito prior to commit 07b49d1358e6ec0b5aa482fcd284f509191119e2 was not properly performing regex matches on authorized commands and arguments. Configured allowed commands/arguments were intended t…
|
-
|
CVE-2024-49400
|
2024-11-2 04:35 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314407
|
- |
|
-
|
-
|
A stored cross-site scripting (XSS) vulnerability in the VLAN configuration of RELY-PCIe v22.2.1 to v23.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
|
-
|
CVE-2024-44573
|
2024-11-2 04:35 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314408
|
9.8 |
CRITICAL
Network
|
langchain
|
langchain
|
A vulnerability in the GraphCypherQAChain class of langchain-ai/langchain version 0.2.5 allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulatio…
|
CWE-74
Injection
|
CVE-2024-8309
|
2024-11-2 04:19 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314409
|
4.3 |
MEDIUM
Network
|
giuliopanda
|
bulk_images_optimizer
|
The Bulk images optimizer: Resize, optimize, convert to webp, rename … plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_configura…
|
CWE-862
Missing Authorization
|
CVE-2024-9361
|
2024-11-2 03:46 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314410
|
9.8 |
CRITICAL
Network
|
zte
|
wrtm326_firmware
|
The wireless router WRTM326 from SECOM does not properly validate a specific parameter. An unauthenticated remote attacker could execute arbitrary system commands by sending crafted requests.
|
CWE-78
OS Command
|
CVE-2024-10119
|
2024-11-2 03:40 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
