|
313931
|
6.5 |
MEDIUM
Network
|
lunary
|
lunary
|
An information disclosure vulnerability exists in the lunary-ai/lunary, specifically in the `runs/{run_id}/related` endpoint. This endpoint does not verify that the user has the necessary access righ…
|
CWE-1220
Insufficient Granularity of Access Control
|
CVE-2024-6867
|
2024-09-20 03:28 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313932
|
9.8 |
CRITICAL
Network
|
arm
|
mbed_tls
|
An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional authentication of the client, if the client-provided certificate does not have appropriate values in…
|
CWE-295
Improper Certificate Validation
|
CVE-2024-45159
|
2024-09-20 03:26 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313933
|
4.8 |
MEDIUM
Network
|
peepso
|
peepso
|
The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 6.4.5.0 due t…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7655
|
2024-09-20 03:20 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313934
|
4.8 |
MEDIUM
Network
|
peepso
|
peepso
|
The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘content’ parameter in all versions up to, …
|
CWE-79
Cross-site Scripting
|
CVE-2024-7618
|
2024-09-20 03:20 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313935
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: avoid using null object of framebuffer
Instead of using state->fb->obj[0] directly, get object from framebuffer
…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46694
|
2024-09-20 03:16 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313936
|
5.4 |
MEDIUM
Network
|
microfocus
|
netiq_access_manager
|
Improper Input Validation vulnerability in OpenText NetIQ Access Manager leads to Cross-Site Scripting (XSS) attack. This issue affects NetIQ Access Manager before 5.0.4.1 and 5.1.
|
CWE-79
Cross-site Scripting
|
CVE-2024-4554
|
2024-09-20 03:15 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313937
|
7.1 |
HIGH
Local
|
stripe
|
stripe-cli
|
stripe-cli is a command-line tool for the payment processor Stripe. A vulnerability exists in stripe-cli starting in version 1.11.1 and prior to version 1.21.3 where a plugin package containing a man…
|
CWE-22
Path Traversal
|
CVE-2024-45401
|
2024-09-20 03:12 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313938
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
pktgen: use cpus_read_lock() in pg_net_init()
I have seen the WARN_ON(smp_processor_id() != cpu) firing
in pktgen_thread_worker()…
|
NVD-CWE-noinfo
|
CVE-2024-46681
|
2024-09-20 03:10 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313939
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
binfmt_elf_fdpic: fix AUXV size calculation when ELF_HWCAP2 is defined
create_elf_fdpic_tables() does not correctly account the s…
|
CWE-131
Incorrect Calculation of Buffer Size
|
CVE-2024-46684
|
2024-09-20 03:04 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313940
|
6.1 |
MEDIUM
Network
|
mlewand
|
open_link
|
ckeditor-plugin-openlink is a plugin for the CKEditor JavaScript text editor that extends the context menu with a possibility to open a link in a new tab. A vulnerability in versions of the plugin pr…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45400
|
2024-09-20 03:04 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
