|
314851
|
- |
|
-
|
-
|
Incomplete system memory cleanup in SEV firmware could
allow a privileged attacker to corrupt guest private memory, potentially
resulting in a loss of data integrity.
|
-
|
CVE-2023-31356
|
2024-10-31 04:35 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314852
|
- |
|
-
|
-
|
A hardcoded AES key in PMFW may result in a privileged attacker gaining access to the key, potentially resulting in internal debug information leakage.
|
-
|
CVE-2023-20512
|
2024-10-31 04:35 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314853
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
riscv: fix race when vmap stack overflow
Currently, when detecting vmap stack overflow, riscv firstly switches
to the so called s…
|
CWE-362
Race Condition
|
CVE-2022-49001
|
2024-10-31 03:58 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314854
|
6.1 |
MEDIUM
Network
|
butlerblog
|
wp-members
|
The WP-Members Membership Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, an…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9231
|
2024-10-31 03:56 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314855
|
7.5 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability classified as problematic was found in ESAFENET CDG 5. Affected by this vulnerability is the function actionViewDecyptFile of the file /com/esafenet/servlet/client/DecryptApplicationS…
|
CWE-22
Path Traversal
|
CVE-2024-10379
|
2024-10-31 03:54 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314856
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Parsing a maliciously crafted file may lead to an unexpect…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-44284
|
2024-10-31 03:48 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314857
|
9.8 |
CRITICAL
Network
|
codezips
|
pet_shop_management_system
|
A vulnerability, which was classified as critical, has been found in Codezips Pet Shop Management System 1.0. This issue affects some unknown processing of the file /animalsupdate.php. The manipulati…
|
CWE-89
SQL Injection
|
CVE-2024-10430
|
2024-10-31 03:48 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314858
|
5.5 |
MEDIUM
Local
|
apple
|
macos
iphone_os
ipados
watchos
visionos
tvos
|
An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-44282
|
2024-10-31 03:47 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314859
|
5.5 |
MEDIUM
Local
|
apple
|
ipados
iphone_os
macos
watchos
visionos
tvos
|
This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.1 and iPadOS 18.1, visionOS 2.1, macOS Sonoma 14.7.1, watchOS 11.1, tvOS 18.1. A malicious app may be able t…
|
CWE-59
Link Following
|
CVE-2024-44273
|
2024-10-31 03:45 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314860
|
9.8 |
CRITICAL
Network
|
projectworlds
|
simple_web-based_chat_application
|
A vulnerability has been found in Project Worlds Simple Web-Based Chat Application 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. T…
|
CWE-89
SQL Injection
|
CVE-2024-10432
|
2024-10-31 03:45 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
