|
312341
|
8.8 |
HIGH
Network
|
lopalopa
|
music_management_system
|
An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=save_playlist" in Kashipara Music Management System v1.0. This allows attackers to execute arbitrary code via uploading …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-42778
|
2024-08-23 02:46 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312342
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Permissions in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
|
NVD-CWE-noinfo
|
CVE-2024-7975
|
2024-08-23 02:40 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312343
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
jfs: Fix array-index-out-of-bounds in diFree
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-43858
|
2024-08-23 02:40 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312344
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix null reference error when checking end of zone
This patch fixes a potentially null pointer being accessed by
is_end_zon…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-43857
|
2024-08-23 02:38 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312345
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Views in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
|
NVD-CWE-noinfo
|
CVE-2024-7981
|
2024-08-23 02:36 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312346
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: L…
|
NVD-CWE-noinfo
|
CVE-2024-8034
|
2024-08-23 02:35 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312347
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Extensions in Google Chrome on Windows prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Lo…
|
NVD-CWE-noinfo
|
CVE-2024-8035
|
2024-08-23 02:33 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312348
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
remoteproc: imx_rproc: Skip over memory region when node value is NULL
In imx_rproc_addr_init() "nph = of_count_phandle_with_args…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-43860
|
2024-08-23 02:08 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312349
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal
Keith reports a use-after-free when a DPC event occurs concurrently…
|
CWE-416
Use After Free
|
CVE-2024-42302
|
2024-08-23 01:37 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312350
|
- |
|
-
|
-
|
JPress through 5.1.1 on Windows has an arbitrary file upload vulnerability that could cause arbitrary code execution via ::$DATA to AttachmentController, such as a .jsp::$DATA file to io.jpress.web.c…
|
-
|
CVE-2024-43033
|
2024-08-23 01:35 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
