|
250431
|
4.4 |
MEDIUM
Local
|
google
|
android
|
In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed …
|
CWE-125
Out-of-bounds Read
|
CVE-2024-20091
|
2024-10-27 12:35 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250432
|
4.4 |
MEDIUM
Local
|
linuxfoundation
rdkcentral
google
openwrt
|
yocto
rdk-b
android
openwrt
|
In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-20085
|
2024-10-27 12:35 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250433
|
4.4 |
MEDIUM
Local
|
linuxfoundation
rdkcentral
google
openwrt
|
yocto
rdk-b
android
openwrt
|
In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-20084
|
2024-10-27 12:35 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250434
|
- |
|
-
|
-
|
A stack buffer overflow was addressed through improved input validation. This issue is fixed in Apple TV 1.5.0.152 for Windows, iTunes 12.13.3 for Windows. Parsing a maliciously crafted video file ma…
|
-
|
CVE-2024-44157
|
2024-10-27 11:35 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250435
|
8.8 |
HIGH
Network
|
elecom
|
wrc-2533gs2-b_firmware
wrc-2533gs2-w_firmware
wrc-2533gs2v-b_firmware
wrc-x6000xs-g_firmware
wrc-x1500gs-b_firmware
wrc-x1500gsa-b_firmware
|
Cross-site request forgery vulnerability exists in ELECOM wireless LAN routers. Viewing a malicious page while logging in to the affected product with an administrative privilege, the user may be dir…
|
CWE-352
Origin Validation Error
|
CVE-2024-40883
|
2024-10-27 10:35 |
2024-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250436
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
NFC: nci: Bounds check struct nfc_target arrays
While running under CONFIG_FORTIFY_SOURCE=y, syzkaller reported:
memcpy: detec…
|
CWE-129
Improper Validation of Array Index
|
CVE-2022-48967
|
2024-10-26 06:27 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250437
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
octeontx2-pf: Fix potential memory leak in otx2_init_tc()
In otx2_init_tc(), if rhashtable_init() failed, it does not free
tc->tc…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48968
|
2024-10-26 06:26 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250438
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
xen-netfront: Fix NULL sring after live migration
A NAPI is setup for each network sring to poll data to kernel
The sring with so…
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-48969
|
2024-10-26 06:22 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250439
|
5.3 |
MEDIUM
Network
|
servmask
|
all-in-one_wp_migration
|
The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.86 through publicly exposed log files. This makes i…
|
NVD-CWE-noinfo
|
CVE-2024-8852
|
2024-10-26 06:20 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250440
|
8.8 |
HIGH
Network
|
roveridx
|
rover_idx
|
The Rover IDX plugin for WordPress is vulnerable to Authentication Bypass in versions up to, and including, 3.0.0.2905. This is due to insufficient validation and capability check on the 'rover_idx_r…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-10002
|
2024-10-26 06:20 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
