|
317651
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: L…
|
NVD-CWE-noinfo
|
CVE-2024-8034
|
2024-08-23 02:35 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317652
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Extensions in Google Chrome on Windows prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Lo…
|
NVD-CWE-noinfo
|
CVE-2024-8035
|
2024-08-23 02:33 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317653
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
remoteproc: imx_rproc: Skip over memory region when node value is NULL
In imx_rproc_addr_init() "nph = of_count_phandle_with_args…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-43860
|
2024-08-23 02:08 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317654
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal
Keith reports a use-after-free when a DPC event occurs concurrently…
|
CWE-416
Use After Free
|
CVE-2024-42302
|
2024-08-23 01:37 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317655
|
- |
|
-
|
-
|
JPress through 5.1.1 on Windows has an arbitrary file upload vulnerability that could cause arbitrary code execution via ::$DATA to AttachmentController, such as a .jsp::$DATA file to io.jpress.web.c…
|
-
|
CVE-2024-43033
|
2024-08-23 01:35 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317656
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
dev/parport: fix the array out-of-bounds risk
Fixed array out-of-bounds issues caused by sprintf
by replacing it with snprintf fo…
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-42301
|
2024-08-23 01:31 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317657
|
- |
|
-
|
-
|
memos is a privacy-first, lightweight note-taking service. A CORS misconfiguration exists in memos 0.20.1 and earlier where an arbitrary origin is reflected with Access-Control-Allow-Credentials set …
|
-
|
CVE-2024-41659
|
2024-08-23 01:15 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317658
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
media: venus: fix use after free in vdec_close
There appears to be a possible use after free with vdec_close().
The firmware will…
|
CWE-416
Use After Free
|
CVE-2024-42313
|
2024-08-23 01:01 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317659
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes
In cdv_intel_lvds_get_modes(), the return value of drm_mode_…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-42310
|
2024-08-23 01:01 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317660
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes
In psb_intel_lvds_get_modes(), the return value of drm_mode_…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-42309
|
2024-08-23 01:01 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
