|
312781
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
pinctrl: qcom: x1e80100: Fix special pin offsets
Remove the erroneus 0x100000 offset to prevent the boards from crashing
on pin s…
|
NVD-CWE-noinfo
|
CVE-2024-46708
|
2024-09-19 22:28 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312782
|
5.3 |
MEDIUM
Network
|
miniorange
|
web_application_firewall
|
The Web Application Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.1.2. This is due to insufficient restrictions on where the IP Address inform…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2022-4539
|
2024-09-19 22:27 |
2024-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312783
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/vmwgfx: Fix prime with external buffers
Make sure that for external buffers mapping goes through the dma_buf
interface instea…
|
NVD-CWE-noinfo
|
CVE-2024-46709
|
2024-09-19 22:26 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312784
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mptcp: pm: fix ID 0 endp usage after multiple re-creations
'local_addr_used' and 'add_addr_accepted' are decremented for addresse…
|
NVD-CWE-noinfo
|
CVE-2024-46711
|
2024-09-19 22:12 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312785
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/vmwgfx: Disable coherent dumb buffers without 3d
Coherent surfaces make only sense if the host renders to them using
accelera…
|
NVD-CWE-noinfo
|
CVE-2024-46712
|
2024-09-19 22:09 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312786
|
9.8 |
CRITICAL
Network
|
tnbmobil
|
cockpit
|
Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read Sensitive Strings Within an Executable.This issue affects Cockpit Software: before v2.13.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-6656
|
2024-09-19 22:05 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312787
|
5.3 |
MEDIUM
Network
|
secreto31126
|
whatsapp-api-js
|
whatsapp-api-js is a TypeScript server agnostic Whatsapp's Official API framework. It's possible to check the payload validation using the WhatsAppAPI.verifyRequestSignature and expect false when the…
|
NVD-CWE-Other
|
CVE-2024-45607
|
2024-09-19 11:05 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312788
|
8.8 |
HIGH
Network
|
rockwellautomation
|
2800c_optixpanel_compact_firmware
2800s_optixpanel_standard_firmware
embedded_edge_compute_module_firmware
|
A privilege escalation vulnerability exists in the Rockwell Automation affected products. The vulnerability occurs due to improper default file permissions allowing users to exfiltrate credentials an…
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-8533
|
2024-09-19 10:57 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312789
|
9.8 |
CRITICAL
Network
|
rockwellautomation
|
pavilion8
|
A path traversal vulnerability exists in the Rockwell Automation affected product. If exploited, the threat actor could upload arbitrary files to the server that could result in a remote code execut…
|
CWE-22
Path Traversal
|
CVE-2024-7961
|
2024-09-19 10:52 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312790
|
9.1 |
CRITICAL
Network
|
rockwellautomation
|
pavilion8
|
The Rockwell Automation affected product contains a vulnerability that allows a threat actor to view sensitive information and change settings. The vulnerability exists due to having an incorrect pri…
|
NVD-CWE-noinfo
|
CVE-2024-7960
|
2024-09-19 10:52 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
