|
252121
|
5.3 |
MEDIUM
Network
|
stylemixthemes
|
cost_calculator_builder
|
The Cost Calculator Builder PRO plugin for WordPress is vulnerable to price manipulation in all versions up to, and including, 3.2.1. This is due to the plugin allowing the price field to be manipula…
|
NVD-CWE-Other
|
CVE-2024-6010
|
2024-10-24 01:15 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252122
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
firmware: arm_scmi: Fix double free in OPTEE transport
Channels can be shared between protocols, avoid freeing the same channel
d…
|
CWE-415
Double Free
|
CVE-2024-49853
|
2024-10-24 01:14 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252123
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del()
The kref_put() function will call nport->release if the …
|
CWE-416
Use After Free
|
CVE-2024-49852
|
2024-10-24 01:14 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252124
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
crypto: stm32/cryp - call finalize with bh disabled
The finalize operation in interrupt mode produce a produces a spinlock
recurs…
|
NVD-CWE-noinfo
|
CVE-2024-47658
|
2024-10-24 01:14 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252125
|
9.8 |
CRITICAL
Network
|
moridrin
|
ssv_events
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Moridrin SSV Events allows PHP Local File Inclusion.This issue affects SSV Events: from n/a through 3.2…
|
CWE-22
Path Traversal
|
CVE-2024-49286
|
2024-10-24 01:13 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252126
|
5.4 |
MEDIUM
Network
|
mightyplugins
|
mighty_builder
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mighty Plugins Mighty Builder allows Stored XSS.This issue affects Mighty Builder: from n/…
|
CWE-79
Cross-site Scripting
|
CVE-2024-48049
|
2024-10-24 01:12 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252127
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX
[Why & How]
It actually exposes '6' types in enum dmu…
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-46871
|
2024-10-24 01:10 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252128
|
6.1 |
MEDIUM
Network
|
unizoewebsolutions
|
jlayer_parallax_slider
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Unizoe Web Solutions jLayer Parallax Slider allows Reflected XSS.This issue affects jLayer…
|
CWE-79
Cross-site Scripting
|
CVE-2024-49334
|
2024-10-24 01:08 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252129
|
6.1 |
MEDIUM
Network
|
sourav
|
all_in_one_slider
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sourav All in One Slider allows Reflected XSS.This issue affects All in One Slider: from n…
|
CWE-79
Cross-site Scripting
|
CVE-2024-49323
|
2024-10-24 01:05 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252130
|
5.3 |
MEDIUM
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to don't set SB_RDONLY in f2fs_handle_critical_error()
syzbot reports a f2fs bug as below:
------------[ cut here ]---…
|
CWE-362
Race Condition
|
CVE-2024-47689
|
2024-10-24 00:53 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
