|
309071
|
5.4 |
MEDIUM
Network
|
share_this_image_project
|
share_this_image
|
The Share This Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'alignment' parameter in all versions up to, and including, 2.01 due to insufficient input sanitization …
|
CWE-79
Cross-site Scripting
|
CVE-2024-8108
|
2024-09-19 22:37 |
2024-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309072
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
thunderbolt: Mark XDomain as unplugged when router is removed
I noticed that when we do discrete host router NVM upgrade and it g…
|
NVD-CWE-noinfo
|
CVE-2024-46702
|
2024-09-19 22:35 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309073
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
Revert "serial: 8250_omap: Set the console genpd always on if no console suspend"
This reverts commit 68e6939ea9ec3d6579eadeab160…
|
NVD-CWE-noinfo
|
CVE-2024-46703
|
2024-09-19 22:33 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309074
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
workqueue: Fix spruious data race in __flush_work()
When flushing a work item for cancellation, __flush_work() knows that it
excl…
|
NVD-CWE-noinfo
|
CVE-2024-46704
|
2024-09-19 22:32 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309075
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/xe: reset mmio mappings with devm
Set our various mmio mappings to NULL. This should make it easier to
catch something rogue …
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46705
|
2024-09-19 22:30 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309076
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3
On a system with a GICv3, if a guest hasn't been configured with
…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46707
|
2024-09-19 22:29 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309077
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
pinctrl: qcom: x1e80100: Fix special pin offsets
Remove the erroneus 0x100000 offset to prevent the boards from crashing
on pin s…
|
NVD-CWE-noinfo
|
CVE-2024-46708
|
2024-09-19 22:28 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309078
|
5.3 |
MEDIUM
Network
|
miniorange
|
web_application_firewall
|
The Web Application Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.1.2. This is due to insufficient restrictions on where the IP Address inform…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2022-4539
|
2024-09-19 22:27 |
2024-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309079
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/vmwgfx: Fix prime with external buffers
Make sure that for external buffers mapping goes through the dma_buf
interface instea…
|
NVD-CWE-noinfo
|
CVE-2024-46709
|
2024-09-19 22:26 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309080
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mptcp: pm: fix ID 0 endp usage after multiple re-creations
'local_addr_used' and 'add_addr_accepted' are decremented for addresse…
|
NVD-CWE-noinfo
|
CVE-2024-46711
|
2024-09-19 22:12 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
