|
312421
|
3.3 |
LOW
Local
|
apple
|
macos
|
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15. An app may be able to read sensitive location information.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-27849
|
2024-10-31 02:07 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312422
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
io_uring/sqpoll: ensure task state is TASK_RUNNING when running task_work
When the sqpoll is exiting and cancels pending work ite…
|
NVD-CWE-noinfo
|
CVE-2024-50079
|
2024-10-31 02:05 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312423
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
pinctrl: nuvoton: fix a double free in ma35_pinctrl_dt_node_to_map_func()
'new_map' is allocated using devm_* which takes care of…
|
CWE-415
Double Free
|
CVE-2024-50071
|
2024-10-31 02:02 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312424
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
pinctrl: stm32: check devm_kasprintf() returned value
devm_kasprintf() can return a NULL pointer on failure but this returned
val…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50070
|
2024-10-31 01:59 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312425
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
pinctrl: apple: check devm_kasprintf() returned value
devm_kasprintf() can return a NULL pointer on failure but this returned
val…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50069
|
2024-10-31 01:58 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312426
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mm/damon/tests/sysfs-kunit.h: fix memory leak in damon_sysfs_test_add_targets()
The sysfs_target->regions allocated in damon_sysf…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-50068
|
2024-10-31 01:57 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312427
|
9.8 |
CRITICAL
Network
|
codezips
|
sales_management_system
|
A vulnerability was found in Codezips Sales Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /addcustcom.php. The manipu…
|
CWE-89
SQL Injection
|
CVE-2024-10369
|
2024-10-31 01:50 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312428
|
9.8 |
CRITICAL
Network
|
codezips
|
sales_management_system
|
A vulnerability was found in Codezips Sales Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /addstock.php. The manipulation of the argument prod…
|
CWE-89
SQL Injection
|
CVE-2024-10368
|
2024-10-31 01:46 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312429
|
9.8 |
CRITICAL
Network
|
codezips
|
sales_management_system
|
A vulnerability was found in Codezips Sales Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /addcustind.php. The manipulation of…
|
CWE-89
SQL Injection
|
CVE-2024-10370
|
2024-10-31 01:38 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312430
|
6.1 |
MEDIUM
Network
|
heateor
|
sassy_social_share
|
The Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'urls' parameter called via the 'heateor_sss_sharing_count' AJAX action in versions up to, and incl…
|
CWE-79
Cross-site Scripting
|
CVE-2022-4971
|
2024-10-31 01:37 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
