|
250441
|
7.3 |
HIGH
Network
|
te-st
|
teplobot
|
The TeploBot - Telegram Bot for WP plugin for WordPress is vulnerable to sensitive information disclosure due to missing authorization checks on the 'service_process' function in all versions up to, …
|
NVD-CWE-noinfo
|
CVE-2024-9627
|
2024-10-26 06:19 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250442
|
6.3 |
MEDIUM
Network
|
roveridx
|
rover_idx
|
The Rover IDX plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 3…
|
CWE-862
Missing Authorization
|
CVE-2024-10003
|
2024-10-26 06:19 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250443
|
4.3 |
MEDIUM
Network
|
blazethemes
|
news_kit_elementor_addons
|
The News Kit Elementor Addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.1 via the render function in includes/widgets/canvas-menu/…
|
NVD-CWE-noinfo
|
CVE-2024-9541
|
2024-10-26 06:16 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250444
|
5.4 |
MEDIUM
Network
|
aftabhusain
|
category_and_taxonomy_meta_fields
|
The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on…
|
CWE-352
Origin Validation Error
|
CVE-2024-9588
|
2024-10-26 06:15 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250445
|
3.1 |
LOW
Network
|
archerirm
|
archer
|
Archer Platform 2024.03 before version 2024.08 is affected by an authorization bypass vulnerability related to supporting application files. A remote unprivileged attacker could potentially exploit t…
|
CWE-863
Incorrect Authorization
|
CVE-2024-49208
|
2024-10-26 05:18 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250446
|
4.3 |
MEDIUM
Network
|
archerirm
|
archer
|
Archer Platform 2024.03 before version 2024.09 is affected by an API authorization bypass vulnerability related to supporting application files. A remote unprivileged attacker could potentially explo…
|
CWE-863
Incorrect Authorization
|
CVE-2024-49209
|
2024-10-26 05:17 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250447
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
x86/mm/ident_map: Use gbpages only where full GB page should be mapped.
When ident_pud_init() uses only GB pages to create identi…
|
NVD-CWE-noinfo
|
CVE-2024-50017
|
2024-10-26 05:15 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250448
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Fix index out of bounds in DCN30 color transformation
This commit addresses a potential index out of bounds issu…
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-49969
|
2024-10-26 05:15 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250449
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: napi: Prevent overflow of napi_defer_hard_irqs
In commit 6f8b12d661d0 ("net: napi: add hard irqs deferral feature")
napi_def…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-50018
|
2024-10-26 05:14 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250450
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
tracing/timerlat: Drop interface_lock in stop_kthread()
stop_kthread() is the offline callback for "trace/osnoise:online", since
…
|
CWE-667
Improper Locking
|
CVE-2024-49976
|
2024-10-26 05:14 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
