|
304121
|
7.8 |
HIGH
Local
|
adobe
|
substance_3d_painter
|
Substance3D - Painter versions 10.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-49522
|
2024-11-9 03:06 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304122
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net
In the normal case, when we excute `echo 0 > /proc/fs/…
|
CWE-416
Use After Free
|
CVE-2024-50121
|
2024-11-9 03:05 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304123
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
smb: client: Handle kstrdup failures for passwords
In smb3_reconfigure(), after duplicating ctx->password and
ctx->password2 with…
|
NVD-CWE-noinfo
|
CVE-2024-50120
|
2024-11-9 03:04 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304124
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
cifs: fix warning when destroy 'cifs_io_request_pool'
There's a issue as follows:
WARNING: CPU: 1 PID: 27826 at mm/slub.c:4698 fr…
|
NVD-CWE-noinfo
|
CVE-2024-50119
|
2024-11-9 03:03 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304125
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: reject ro->rw reconfiguration if there are hard ro requirements
[BUG]
Syzbot reports the following crash:
BTRFS info (d…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50118
|
2024-11-9 03:02 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304126
|
2.7 |
LOW
Network
|
grafana
|
grafana
|
Organization admins can delete pending invites created in an organization they are not part of.
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-10452
|
2024-11-9 02:59 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304127
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd: Guard against bad data for ATIF ACPI method
If a BIOS provides bad data in response to an ATIF method call
this causes a…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50117
|
2024-11-9 02:53 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304128
|
- |
|
-
|
-
|
Inconsistent <plaintext> tag parsing allows for XSS in Froala WYSIWYG editor 4.3.0 and earlier.
|
-
|
CVE-2024-51434
|
2024-11-9 02:35 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304129
|
- |
|
-
|
-
|
SourceCodester Survey Application System 1.0 is vulnerable to SQL Injection in takeSurvey.php via the id parameter.
|
-
|
CVE-2024-50766
|
2024-11-9 02:35 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304130
|
- |
|
-
|
-
|
The Inshot com.downloader.privatebrowser (aka Video Downloader - XDownloader) application through 1.3.5 for Android allows an attacker to execute arbitrary JavaScript code via the com.downloader.priv…
|
-
|
CVE-2024-46961
|
2024-11-9 02:35 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
