|
313741
|
- |
|
-
|
-
|
Missing Authorization vulnerability in WishList Products WishList Member X allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WishList Member X: from n/a throu…
|
CWE-862
Missing Authorization
|
CVE-2024-37106
|
2024-11-2 00:15 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313742
|
- |
|
-
|
-
|
Missing Authorization vulnerability in Popup Box Team Popup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup box: from n/a through 4.5.1.
|
CWE-862
Missing Authorization
|
CVE-2024-37096
|
2024-11-2 00:15 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313743
|
- |
|
-
|
-
|
Missing Authorization vulnerability in Envira Gallery Team Envira Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envira Photo Gallery: from n…
|
CWE-862
Missing Authorization
|
CVE-2024-37095
|
2024-11-2 00:15 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313744
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Check phantom_stream before it is used
dcn32_enable_phantom_stream can return null, so returned value
must be ch…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49897
|
2024-11-1 23:55 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313745
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/xe/guc_submit: add missing locking in wedged_fini
Any non-wedged queue can have a zero refcount here and can be running
concu…
|
CWE-667
Improper Locking
|
CVE-2024-49943
|
2024-11-1 23:54 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313746
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/ncsi: Disable the ncsi work before freeing the associated structure
The work function can run after the ncsi device is freed,…
|
CWE-416
Use After Free
|
CVE-2024-49945
|
2024-11-1 23:52 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313747
|
5.9 |
MEDIUM
Network
|
securesystems
|
connaisseur
|
A vulnerability has been found in Secure Systems Engineering Connaisseur up to 3.3.0 and classified as problematic. This vulnerability affects unknown code of the file connaisseur/res/targets_schema.…
|
CWE-1333
Inefficient Regular Expression Complexity
|
CVE-2023-7279
|
2024-11-1 23:43 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313748
|
9.8 |
CRITICAL
Network
|
tenda
|
ac1206_firmware
|
A vulnerability classified as critical was found in Tenda AC1206 up to 15.03.06.23. This vulnerability affects the function ate_iwpriv_set/ate_ifconfig_set of the file /goform/ate. The manipulation l…
|
CWE-78
OS Command
|
CVE-2024-9793
|
2024-11-1 23:36 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313749
|
- |
|
-
|
-
|
Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). The password could be reset by anyone who have access to the ma…
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2024-50356
|
2024-11-1 23:35 |
2024-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313750
|
7.1 |
HIGH
Network
|
paloaltonetworks
|
pan-os
|
A vulnerability in the GlobalProtect portal in Palo Alto Networks PAN-OS software enables a malicious authenticated GlobalProtect user to impersonate another GlobalProtect user. Active GlobalProtect …
|
CWE-863
Incorrect Authorization
|
CVE-2024-8691
|
2024-11-1 23:26 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
