|
314671
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
gtp: pull network headers in gtp_dev_xmit()
syzbot/KMSAN reported use of uninit-value in get_dev_xmit() [1]
We must make sure th…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-44999
|
2024-09-7 01:27 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314672
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fs/netfs/fscache_cookie: add missing "n_accesses" check
This fixes a NULL pointer dereference bug due to a data race which
looks …
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-45000
|
2024-09-7 01:27 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314673
|
5.5 |
MEDIUM
Local
|
adobe
|
acrobat
acrobat_dc
acrobat_reader
acrobat_reader_dc
|
Acrobat Reader versions 20.005.30636, 24.002.20964, 24.001.30123, 24.002.20991 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacke…
|
CWE-416
Use After Free
|
CVE-2024-45107
|
2024-09-7 01:26 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314674
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration
re-enumerating full-speed devices after a failed address …
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-45006
|
2024-09-7 01:26 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314675
|
5.3 |
MEDIUM
Network
|
trellix
|
intrusion_prevention_system_manager
|
This vulnerability allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager with garbage data in response mostly
|
CWE-287
Improper Authentication
|
CVE-2024-5956
|
2024-09-7 01:25 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314676
|
7.5 |
HIGH
Network
|
trellix
|
intrusion_prevention_system_manager
|
This vulnerability allows unauthenticated remote attackers to bypass authentication and gain APIs access of the Manager.
|
CWE-287
Improper Authentication
|
CVE-2024-5957
|
2024-09-7 01:24 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314677
|
4.3 |
MEDIUM
Network
|
wpextended
|
wp_extended
|
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to unauthorized modification of user names due to a missing capability check on the wpext_change_admin_name() funct…
|
CWE-862
Missing Authorization
|
CVE-2024-8121
|
2024-09-7 01:20 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314678
|
6.1 |
MEDIUM
Network
|
wpextended
|
wp_extended
|
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the page parameter in all versions up to, and including, 3.0.8 due to insuffi…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8119
|
2024-09-7 01:11 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314679
|
6.1 |
MEDIUM
Network
|
wpextended
|
wp_extended
|
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘selected_option’ parameter in all versions up to, and including, 3.0.8 d…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8117
|
2024-09-7 01:04 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314680
|
6.5 |
MEDIUM
Network
|
bitapps
|
bit_form
|
Incorrect Authorization vulnerability in Bit Apps Bit Form Pro bitformpro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bit Form Pro: from n/a through 2.6.4.
|
CWE-863
Incorrect Authorization
|
CVE-2024-43250
|
2024-09-7 01:02 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
