|
313861
|
7.5 |
HIGH
Network
|
wellchoose
|
administrative_management_system
|
Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to download arbitrary files on the server.
|
CWE-22
Path Traversal
|
CVE-2024-10200
|
2024-10-24 22:57 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313862
|
7.2 |
HIGH
Network
|
total-soft
|
ts_poll
|
The TS Poll WordPress plugin before 2.4.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks
|
CWE-89
SQL Injection
|
CVE-2024-8625
|
2024-10-24 22:56 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313863
|
8.8 |
HIGH
Network
|
wellchoose
|
administrative_management_system
|
Administrative Management System from Wellchoose does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-10201
|
2024-10-24 22:56 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313864
|
8.8 |
HIGH
Network
|
wellchoose
|
administrative_management_system
|
Administrative Management System from Wellchoose has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands.
|
CWE-78
OS Command
|
CVE-2024-10202
|
2024-10-24 22:55 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313865
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netkit: Assign missing bpf_net_context
During the introduction of struct bpf_net_context handling for
XDP-redirect, the netkit dr…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-47708
|
2024-10-24 22:45 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313866
|
8.8 |
HIGH
Network
|
latepoint
|
latepoint
|
Cross-Site Request Forgery (CSRF) vulnerability in Latepoint LatePoint allows Cross Site Request Forgery.This issue affects LatePoint: from n/a through 4.9.91.
|
CWE-352
Origin Validation Error
|
CVE-2024-43945
|
2024-10-24 22:45 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313867
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev()
Blamed commit accidentally removed a check for rt->rt6i_idev bei…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-47707
|
2024-10-24 22:44 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313868
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
block: fix potential invalid pointer dereference in blk_add_partition
The blk_add_partition() function initially used a single if…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-47705
|
2024-10-24 22:35 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313869
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Check link_res->hpo_dp_link_enc before using it
[WHAT & HOW]
Functions dp_enable_link_phy and dp_disable_link_ph…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-47704
|
2024-10-24 22:34 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313870
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf, lsm: Add check for BPF LSM return value
A bpf prog returning a positive number attached to file_alloc_security
hook makes ke…
|
NVD-CWE-noinfo
|
CVE-2024-47703
|
2024-10-24 22:33 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
