|
308831
|
9.8 |
CRITICAL
Network
|
oretnom23
|
simple_music_cloud_community_system
|
A vulnerability classified as critical was found in SourceCodester Simple Music Cloud Community System 1.0. This vulnerability affects unknown code of the file /music/ajax.php?action=signup. The mani…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-11054
|
2024-11-14 11:43 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308832
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: cfg80211: clear wdev->cqm_config pointer on free
When we free wdev->cqm_config when unregistering, we also
need to clear ou…
|
CWE-415
Double Free
|
CVE-2024-50235
|
2024-11-14 11:26 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308833
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: iwlegacy: Clear stale interrupts before resuming device
iwl4965 fails upon resume from hibernation on my laptop. The reason…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2024-50234
|
2024-11-14 11:25 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308834
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious app may be able to cause a denial-of-service.
|
NVD-CWE-noinfo
|
CVE-2024-44197
|
2024-11-14 11:16 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308835
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of the file system.
|
NVD-CWE-noinfo
|
CVE-2024-44196
|
2024-11-14 11:15 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308836
|
7.8 |
HIGH
Local
|
artifex
debian
suse
|
ghostscript
debian_linux
linux_enterprise_high_performance_computing
linux_enterprise_server
linux_enterprise_server_for_sap
|
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2024-46951
|
2024-11-14 11:13 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308837
|
7.8 |
HIGH
Local
|
artifex
debian
suse
|
ghostscript
debian_linux
linux_enterprise_high_performance_computing
linux_enterprise_server
linux_enterprise_server_for_sap
|
An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-46953
|
2024-11-14 11:01 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308838
|
7.8 |
HIGH
Local
|
artifex
debian
|
ghostscript
debian_linux
|
An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values).
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46952
|
2024-11-14 11:01 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308839
|
- |
|
-
|
-
|
In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. Th…
|
-
|
CVE-2024-43093
|
2024-11-14 11:00 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308840
|
7.8 |
HIGH
Local
|
artifex
|
ghostscript
|
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal.
|
CWE-22
Path Traversal
|
CVE-2024-46954
|
2024-11-14 10:58 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
