|
305681
|
5.4 |
MEDIUM
Network
|
rebelcode
|
rss_aggregator
|
The RSS Aggregator – RSS Import, News Feeds, Feed to Post, and Autoblogging plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the wprss_ajax…
|
CWE-862
Missing Authorization
|
CVE-2024-9583
|
2024-10-26 01:28 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305682
|
3.1 |
LOW
Network
|
umbraco
|
umbraco_cms
|
Umbraco, a free and open source .NET content management system, has an insufficient session expiration issue in versions on the 13.x branch prior to 13.5.2, 10.x prior to 10.8.7, and 8.x prior to 8.1…
|
CWE-613
Insufficient Session Expiration
|
CVE-2024-48926
|
2024-10-26 01:19 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305683
|
4.6 |
MEDIUM
Network
|
umbraco
|
umbraco_cms
|
Umbraco, a free and open source .NET content management system, has a remote code execution issue in versions on the 13.x branch prior to 13.5.2, 10.x prior to 10.8.7, and 8.x prior to 8.18.15. There…
|
CWE-79
Cross-site Scripting
|
CVE-2024-48927
|
2024-10-26 01:15 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305684
|
- |
|
-
|
-
|
Cross Site Scripting vulnerability in JavaScript Library jquery-ui v.1.13.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted payload to the window.add…
|
-
|
CVE-2024-30875
|
2024-10-26 01:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305685
|
4.2 |
MEDIUM
Network
|
umbraco
|
umbraco_cms
|
Umbraco is a free and open source .NET content management system. In versions on the 13.x branch prior to 13.5.2 and versions on the 10.x branch prior to 10.8.7, during an explicit sign-out, the serv…
|
CWE-384
Session Fixation
|
CVE-2024-48929
|
2024-10-26 01:12 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305686
|
9.8 |
CRITICAL
Network
|
ibm
|
concert
|
IBM Concert 1.0.0 and 1.0.1 vulnerable to attacks that rely on the use of cookies without the SameSite attribute.
|
CWE-295
Improper Certificate Validation
|
CVE-2024-43177
|
2024-10-26 01:05 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305687
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: fix use-after-free during gpu recovery
[Why]
[ 754.862560] refcount_t: underflow; use-after-free.
[ 754.862…
|
CWE-416
Use After Free
|
CVE-2022-48990
|
2024-10-26 01:03 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305688
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fscache: Fix oops due to race with cookie_lru and use_cookie
If a cookie expires from the LRU and the LRU_DISCARD flag is set, bu…
|
CWE-362
Race Condition
|
CVE-2022-48989
|
2024-10-26 01:02 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305689
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
io_uring: Fix a null-ptr-deref in io_tctx_exit_cb()
Syzkaller reports a NULL deref bug as follows:
BUG: KASAN: null-ptr-deref i…
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-48983
|
2024-10-26 00:58 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305690
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: add list empty check to avoid null pointer issue
Add list empty check to avoid null pointer issues in some corner cas…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49904
|
2024-10-26 00:54 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
