|
305481
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow
Syzkaller reported this splat:
=====================================…
|
CWE-416
Use After Free
|
CVE-2024-50085
|
2024-10-30 23:49 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305482
|
8.8 |
HIGH
Network
|
liferay
|
digital_experience_platform
liferay_portal
|
The workflow component in Liferay Portal 7.3.2 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92 and 7.3 GA through update 36 does …
|
CWE-863
Incorrect Authorization
|
CVE-2024-38002
|
2024-10-30 23:47 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305483
|
6.1 |
MEDIUM
Network
|
liferay
|
digital_experience_platform
liferay_portal
|
The Script Console in Liferay Portal 7.0.0 through 7.4.3.101, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, 7.2 GA through fix pack 20, 7.1 GA throu…
|
CWE-352
Origin Validation Error
|
CVE-2024-8980
|
2024-10-30 23:46 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305484
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix uninitialized pointer free on read_alloc_one_name() error
The function read_alloc_one_name() does not initialize the n…
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2024-50087
|
2024-10-30 23:40 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305485
|
- |
|
-
|
-
|
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1. An app may be able to cause unexpected sy…
|
-
|
CVE-2024-44285
|
2024-10-30 23:35 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305486
|
- |
|
-
|
-
|
An information disclosure issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1…
|
-
|
CVE-2024-44278
|
2024-10-30 23:35 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305487
|
5.4 |
MEDIUM
Network
|
vtiger
|
vtiger_crm
|
Vtiger CRM v8.2.0 has a HTML Injection vulnerability in the module parameter. Authenticated users can inject arbitrary HTML.
|
CWE-79
Cross-site Scripting
|
CVE-2024-48119
|
2024-10-30 23:32 |
2024-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305488
|
8.8 |
HIGH
Network
|
samsung
|
android
|
Out-of-bounds write in parsing h.263 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required f…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-34668
|
2024-10-30 23:31 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305489
|
9.8 |
CRITICAL
Network
|
fabianros
|
hospital_management_system
|
A vulnerability was found in code-projects Hospital Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/add-doctor.php. The manipulatio…
|
CWE-89
SQL Injection
|
CVE-2024-10350
|
2024-10-30 23:29 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305490
|
8.8 |
HIGH
Network
|
samsung
|
android
|
Out-of-bounds write in parsing h.265 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required f…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-34667
|
2024-10-30 23:29 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
