|
307891
|
8.8 |
HIGH
Network
|
rockwellautomation
|
thinmanager
|
CVE-2024-45826 IMPACT
Due to improper input validation, a path traversal and remote code execution vulnerability exists when the ThinManager® processes a crafted POST request. If exploited, a user ca…
|
CWE-610
Externally Controlled Reference to a Resource in Another Sphere
|
CVE-2024-45826
|
2024-10-2 23:35 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307892
|
7.5 |
HIGH
Network
|
clibomanager
|
clibo_manager
|
Rate limit vulnerability in Clibo Manager v1.1.9.2 that could allow an attacker to send a large number of emails to the victim in a short time, affecting availability and leading to a denial of servi…
|
NVD-CWE-Other
|
CVE-2024-9199
|
2024-10-2 23:33 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307893
|
5.4 |
MEDIUM
Network
|
clibomanager
|
clibo_manager
|
Vulnerability in Clibo Manager v1.1.9.1 that could allow an attacker to execute an stored Cross-Site Scripting (stored XSS ) by uploading a malicious .svg image in the section: Profile > Profile pict…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9198
|
2024-10-2 23:33 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307894
|
4.8 |
MEDIUM
Network
|
radiustheme
|
the_post_grid
|
The Post Grid WordPress plugin before 7.5.0 does not sanitise and escape some of its Grid settings, which could allow high privilege users such as Editor and above to perform Stored Cross-Site Scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2024-3635
|
2024-10-2 23:30 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307895
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
iommufd: Require drivers to supply the cache_invalidate_user ops
If drivers don't do this then iommufd will oops invalidation ioc…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46824
|
2024-10-2 23:29 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307896
|
8.1 |
HIGH
Network
|
acquia
|
mautic
|
Prior to the patched version, logged in users of Mautic are vulnerable to Relative Path Traversal/Arbitrary File Deletion. Regardless of the level of access the Mautic user had, they could delete fil…
|
CWE-22
Path Traversal
|
CVE-2021-27916
|
2024-10-2 23:29 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307897
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
rtmutex: Drop rt_mutex::wait_lock before scheduling
rt_mutex_handle_deadlock() is called with rt_mutex::wait_lock held. In the
g…
|
CWE-667
Improper Locking
|
CVE-2024-46829
|
2024-10-2 23:27 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307898
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: microchip: vcap: Fix use-after-free error in kunit test
This is a clear use-after-free error. We remove it, and rely on chec…
|
CWE-416
Use After Free
|
CVE-2024-46831
|
2024-10-2 23:26 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307899
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: Fix smatch static checker warning
adev->gfx.imu.funcs could be NULL
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46835
|
2024-10-2 23:24 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307900
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry
In a review discussion of the changes to support vCPU hotplug…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46822
|
2024-10-2 23:24 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
