|
308061
|
5.4 |
MEDIUM
Network
|
clibomanager
|
clibo_manager
|
Vulnerability in Clibo Manager v1.1.9.1 that could allow an attacker to execute an stored Cross-Site Scripting (stored XSS ) by uploading a malicious .svg image in the section: Profile > Profile pict…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9198
|
2024-10-2 23:33 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308062
|
4.8 |
MEDIUM
Network
|
radiustheme
|
the_post_grid
|
The Post Grid WordPress plugin before 7.5.0 does not sanitise and escape some of its Grid settings, which could allow high privilege users such as Editor and above to perform Stored Cross-Site Scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2024-3635
|
2024-10-2 23:30 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308063
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
iommufd: Require drivers to supply the cache_invalidate_user ops
If drivers don't do this then iommufd will oops invalidation ioc…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46824
|
2024-10-2 23:29 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308064
|
8.1 |
HIGH
Network
|
acquia
|
mautic
|
Prior to the patched version, logged in users of Mautic are vulnerable to Relative Path Traversal/Arbitrary File Deletion. Regardless of the level of access the Mautic user had, they could delete fil…
|
CWE-22
Path Traversal
|
CVE-2021-27916
|
2024-10-2 23:29 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308065
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
rtmutex: Drop rt_mutex::wait_lock before scheduling
rt_mutex_handle_deadlock() is called with rt_mutex::wait_lock held. In the
g…
|
CWE-667
Improper Locking
|
CVE-2024-46829
|
2024-10-2 23:27 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308066
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: microchip: vcap: Fix use-after-free error in kunit test
This is a clear use-after-free error. We remove it, and rely on chec…
|
CWE-416
Use After Free
|
CVE-2024-46831
|
2024-10-2 23:26 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308067
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: Fix smatch static checker warning
adev->gfx.imu.funcs could be NULL
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46835
|
2024-10-2 23:24 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308068
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry
In a review discussion of the changes to support vCPU hotplug…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46822
|
2024-10-2 23:24 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308069
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Add missing NULL pointer check within dpcd_extend_address_range
[Why & How]
ASSERT if return NULL from kcalloc.
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46808
|
2024-10-2 23:23 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308070
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
um: line: always fill *error_out in setup_one_line()
The pointer isn't initialized by callers, but I have
encountered cases where…
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2024-46844
|
2024-10-2 23:22 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
