|
313141
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-7859. Reason: This candidate is a reservation duplicate of CVE-2024-7859. Notes: All CVE users should reference CV…
|
-
|
CVE-2024-8197
|
2024-10-5 01:15 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313142
|
9.8 |
CRITICAL
Network
|
wpjobportal
|
wp_job_portal
|
The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Local File Inclusion, Arbitrary Settings Update, and User Creation in all vers…
|
CWE-862
Missing Authorization
|
CVE-2024-7950
|
2024-10-5 01:12 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313143
|
4.3 |
MEDIUM
Network
|
fluentforms
|
contact_form
|
The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to unauthorized Malichimp API key update due to an insufficient capability…
|
CWE-862
Missing Authorization
|
CVE-2024-5053
|
2024-10-5 01:02 |
2024-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313144
|
4.3 |
MEDIUM
Network
|
radiustheme
|
the_post_grid
|
The The Post Grid – Shortcode, Gutenberg Blocks and Elementor Addon for Post Grid plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.7.11 via…
|
NVD-CWE-noinfo
|
CVE-2024-7418
|
2024-10-5 01:01 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313145
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Avoid race between dcn10_set_drr() and dc_state_destruct()
dc_state_destruct() nulls the resource context of the…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46851
|
2024-10-5 01:00 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313146
|
5.3 |
MEDIUM
Network
|
givewp
|
givewp
|
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.15.1. This is due to the plugin utilizing Symf…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2024-6551
|
2024-10-5 00:57 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313147
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Avoid race between dcn35_set_drr() and dc_state_destruct()
dc_state_destruct() nulls the resource context of the…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46850
|
2024-10-5 00:30 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313148
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
perf/x86/intel: Limit the period on Haswell
Running the ltp test cve-2015-3290 concurrently reports the following
warnings.
perf…
|
NVD-CWE-noinfo
|
CVE-2024-46848
|
2024-10-5 00:23 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313149
|
7.5 |
HIGH
Network
|
planet
|
gs-4210-24p2s_firmware
gs-4210-24pl4c_firmware
|
The swctrl service is used to detect and remotely manage PLANET Technology devices. Certain switch models have a Denial-of-Service vulnerability in the swctrl service, allowing unauthenticated remote…
|
CWE-476
CWE-400
NULL Pointer Dereference
Uncontrolled Resource Consumption
|
CVE-2024-8454
|
2024-10-5 00:11 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313150
|
4.9 |
MEDIUM
Network
|
planet
|
gs-4210-24p2s_firmware
gs-4210-24pl4c_firmware
|
Certain switch models from PLANET Technology use an insecure hashing function to hash user passwords without being salted. Remote attackers with administrator privileges can read configuration files …
|
CWE-328
CWE-759
Use of Weak Hash
Use of a One-Way Hash without a Salt
|
CVE-2024-8453
|
2024-10-5 00:10 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
