|
305651
|
5.4 |
MEDIUM
Network
|
o-dyn
|
collabtive
|
Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the title parameter with action=add or action=editform within the (a) managemessage.php file and (b) managetask.php file respectively.
|
CWE-79
Cross-site Scripting
|
CVE-2024-48706
|
2024-10-26 03:58 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305652
|
4.3 |
MEDIUM
Network
|
qodeinteractive
|
qi_addons_for_elementor
|
The Qi Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.0 via private templates. This makes it possible for authenti…
|
NVD-CWE-noinfo
|
CVE-2024-9530
|
2024-10-26 03:52 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305653
|
4.3 |
MEDIUM
Network
|
wpbeginner
|
transients_manager
|
The Transients Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.6. This is due to missing or incorrect nonce validation on the proces…
|
CWE-352
Origin Validation Error
|
CVE-2024-10045
|
2024-10-26 03:52 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305654
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
gpiolib: fix memory leak in gpiochip_setup_dev()
Here is a backtrace report about memory leak detected in
gpiochip_setup_dev():
…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48975
|
2024-10-26 03:48 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305655
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
can: af_can: fix NULL pointer dereference in can_rcv_filter
Analogue to commit 8aa59e355949 ("can: af_can: fix NULL pointer
deref…
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-48977
|
2024-10-26 03:47 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305656
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: flowtable_offload: fix using __this_cpu_add in preemptible
flow_offload_queue_work() can be called in workqueue withou…
|
NVD-CWE-noinfo
|
CVE-2022-48976
|
2024-10-26 03:47 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305657
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
HID: core: fix shift-out-of-bounds in hid_report_raw_event
Syzbot reported shift-out-of-bounds in hid_report_raw_event.
microsof…
|
NVD-CWE-Other
|
CVE-2022-48978
|
2024-10-26 03:46 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305658
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: fix array index out of bound error in DCN32 DML
[Why&How]
LinkCapacitySupport array is indexed with the number o…
|
CWE-129
Improper Validation of Array Index
|
CVE-2022-48979
|
2024-10-26 03:40 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305659
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing()
The SJA1105 family has 45 L2 policing table entries
(…
|
CWE-787
Out-of-bounds Write
|
CVE-2022-48980
|
2024-10-26 03:36 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305660
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/shmem-helper: Remove errant put in error path
drm_gem_shmem_mmap() doesn't own this reference, resulting in the GEM
object ge…
|
CWE-416
Use After Free
|
CVE-2022-48981
|
2024-10-26 03:33 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
