|
305741
|
9.1 |
CRITICAL
Network
|
qualcomm
|
wsa8845h_firmware
wsa8845_firmware
wsa8840_firmware
wsa8835_firmware
wsa8832_firmware
wsa8830_firmware
wsa8815_firmware
wsa8810_firmware
wcn7881_firmware
wcn7880_firmware
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
|
NVD-CWE-noinfo
|
CVE-2024-38408
|
2024-11-9 00:07 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
305742
|
6.1 |
MEDIUM
Network
|
flycart
|
discount_rules_for_woocommerce
|
The Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts, Bulk Discount, BOGO Coupons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of a…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8541
|
2024-11-9 00:07 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305743
|
8.8 |
HIGH
Network
|
ibm
|
watson_studio_local
|
IBM Watson Studio Local 1.2.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
|
CWE-352
Origin Validation Error
|
CVE-2024-49340
|
2024-11-9 00:06 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305744
|
4.6 |
MEDIUM
Network
|
mattermost
|
mattermost_server
|
Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 fail to sanitize user inputs in the frontend that are used for redirection which allows for a one-click client-side path travers…
|
CWE-352
Origin Validation Error
|
CVE-2024-46872
|
2024-11-9 00:00 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305745
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nvme-pci: fix race condition between reset and nvme_dev_disable()
nvme_dev_disable() modifies the dev->online_queues field, there…
|
CWE-362
Race Condition
|
CVE-2024-50135
|
2024-11-8 23:34 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305746
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: Unregister notifier on eswitch init failure
It otherwise remains registered and a subsequent attempt at eswitch
enablin…
|
NVD-CWE-noinfo
|
CVE-2024-50136
|
2024-11-8 23:31 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305747
|
6.5 |
MEDIUM
Network
|
zte
|
zxr10_1800-2s_firmware
zxr10_2800-4_firmware
zxr10_3800-8_firmware
zxr10_160_firmware
|
There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . An authenticated attacker could use the vulnerability to obtain sensitive information about the de…
|
CWE-294
Authentication Bypass by Capture-replay
|
CVE-2024-22066
|
2024-11-8 23:31 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305748
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
reset: starfive: jh71x0: Fix accessing the empty member on JH7110 SoC
data->asserted will be NULL on JH7110 SoC since commit 8232…
|
NVD-CWE-noinfo
|
CVE-2024-50137
|
2024-11-8 23:29 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305749
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Use raw_spinlock_t in ringbuf
The function __bpf_ringbuf_reserve is invoked from a tracepoint, which
disables preemption. Us…
|
NVD-CWE-noinfo
|
CVE-2024-50138
|
2024-11-8 23:27 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305750
|
- |
|
-
|
-
|
During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the protection for device tampering (commonly known as Secure Boot) in AXIS OS making it vulnerable to a s…
|
-
|
CVE-2024-7784
|
2024-11-8 18:15 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
