|
312761
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ASoC: Intel: soc-acpi-intel-rpl-match: add missing empty item
There is no links_num in struct snd_soc_acpi_mach {}, and we test
!…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2024-50011
|
2024-11-2 00:31 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312762
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mm/gup: fix gup_pud_range() for dax
For dax pud, pud_huge() returns true on x86. So the function works as long
as hugetlb is conf…
|
NVD-CWE-noinfo
|
CVE-2022-48986
|
2024-11-2 00:30 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312763
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
media: v4l2-dv-timings.c: fix too strict blanking sanity checks
Sanity checks were added to verify the v4l2_bt_timings blanking f…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2022-48987
|
2024-11-2 00:27 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312764
|
5.4 |
MEDIUM
Network
|
streamweasels
|
twitch_integration
|
The StreamWeasels Twitch Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sw-twitch-embed shortcode in all versions up to, and including, 1.8.6 due to in…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9897
|
2024-11-2 00:27 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312765
|
4.3 |
MEDIUM
Network
|
elementinvader
|
elementinvader_addons_for_elementor
|
The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.9 via the Page Loader widget. This makes it poss…
|
NVD-CWE-noinfo
|
CVE-2024-9889
|
2024-11-2 00:27 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312766
|
4.3 |
MEDIUM
Network
|
myeventon
|
eventon-lite
|
The EventON PRO - WordPress Virtual Event Calendar Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.6.8. This is due to missing or incor…
|
CWE-352
Origin Validation Error
|
CVE-2023-6243
|
2024-11-2 00:26 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312767
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
memcg: fix possible use-after-free in memcg_write_event_control()
memcg_write_event_control() accesses the dentry->d_name of the …
|
CWE-416
Use After Free
|
CVE-2022-48988
|
2024-11-2 00:20 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312768
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
gfs2: fix double destroy_workqueue error
When gfs2_fill_super() fails, destroy_workqueue() is called within
gfs2_gl_hash_clear(),…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49956
|
2024-11-2 00:19 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312769
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Fix system hang while resume with TBT monitor
[Why]
Connected with a Thunderbolt monitor and do the suspend and …
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50003
|
2024-11-2 00:16 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312770
|
- |
|
-
|
-
|
Missing Authorization vulnerability in Presto Made, Inc Presto Player allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Presto Player: from n/a through 3.0.2.
|
CWE-862
Missing Authorization
|
CVE-2024-43285
|
2024-11-2 00:15 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
