|
312231
|
9.8 |
CRITICAL
Network
|
oceanicsoft
|
valeapp
|
Session Fixation vulnerability in Oceanic Software ValeApp allows Brute Force, Session Hijacking.This issue affects ValeApp: before v2.0.0.
|
CWE-384
Session Fixation
|
CVE-2024-8643
|
2024-10-5 02:14 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312232
|
6.1 |
MEDIUM
Network
|
projectcaruso
|
flaming_forms
|
The Flaming Forms WordPress plugin through 1.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used agains…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7692
|
2024-10-5 02:14 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312233
|
7.5 |
HIGH
Network
|
oceanicsoft
|
valeapp
|
Insertion of Sensitive Information into Log File vulnerability in Oceanic Software ValeApp allows Query System for Information.This issue affects ValeApp: before v2.0.0.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-8609
|
2024-10-5 02:12 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312234
|
9.8 |
CRITICAL
Network
|
oceanicsoft
|
valeapp
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Oceanic Software ValeApp allows SQL Injection.This issue affects ValeApp: before v2.0.0.
|
CWE-89
SQL Injection
|
CVE-2024-8607
|
2024-10-5 02:12 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312235
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: the warning dereferencing obj for nbio_v7_4
if ras_manager obj null, don't print NBIO err data
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46819
|
2024-10-5 02:11 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312236
|
5.4 |
MEDIUM
Network
|
oceanicsoft
|
valeapp
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Oceanic Software ValeApp allows Stored XSS.This issue affects ValeApp: before v2.0.0.
|
CWE-79
Cross-site Scripting
|
CVE-2024-8608
|
2024-10-5 02:11 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312237
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/pm: Fix negative array index read
Avoid using the negative values
for clk_idex as an index into an array pptable->DpmDesc…
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-46821
|
2024-10-5 02:06 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312238
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
usb: gadget: core: Check for unset descriptor
Make sure the descriptor has been set before looking at maxpacket.
This fixes a nul…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-44960
|
2024-10-5 01:44 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312239
|
7.8 |
HIGH
Local
|
randygaul
|
cute_png
|
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_load_png_mem() function at cute_png.h.
|
CWE-787
Out-of-bounds Write
|
CVE-2024-46258
|
2024-10-5 01:41 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312240
|
7.8 |
HIGH
Local
|
randygaul
|
cute_png
|
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_make32() function at cute_png.h.
|
CWE-787
Out-of-bounds Write
|
CVE-2024-46261
|
2024-10-5 01:40 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
