|
307481
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Skip Recompute DSC Params if no Stream on Link
[why]
Encounter NULL pointer dereference uner mst + dsc setup.
B…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-43895
|
2024-10-10 21:15 |
2024-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307482
|
- |
|
-
|
-
|
Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series on 64 bit allows Functionality Bypass.This issue affects ZXR10 1800-2S series ,ZXR1…
|
-
|
CVE-2024-22068
|
2024-10-10 18:15 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307483
|
- |
|
-
|
-
|
VMware NSX contains a command injection vulnerability.
A malicious actor with access to the NSX Edge CLI terminal may be able to craft malicious payloads to execute arbitrary commands on the operat…
|
-
|
CVE-2024-38817
|
2024-10-10 17:15 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307484
|
- |
|
-
|
-
|
In version v0.3.8 of open-webui, an improper privilege management vulnerability exists in the API endpoints GET /api/v1/documents/ and POST /rag/api/v1/doc. This vulnerability allows a lower-privileg…
|
CWE-269
Improper Privilege Management
|
CVE-2024-7048
|
2024-10-10 11:15 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307485
|
- |
|
-
|
-
|
An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution.
|
-
|
CVE-2024-9380
|
2024-10-10 10:00 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307486
|
- |
|
-
|
-
|
SQL injection in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to run arbitrary SQL statements.
|
-
|
CVE-2024-9379
|
2024-10-10 10:00 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307487
|
8.1 |
HIGH
Network
|
prestashop
|
prestashop
|
An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via the module upgrade functionality. NOTE: this is disputed by multiple parties, who report that exploita…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2024-41651
|
2024-10-10 03:15 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307488
|
7.2 |
HIGH
Network
|
cisco
|
rv340_dual_wan_gigabit_vpn_router_firmware
rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware
rv345_dual_wan_gigabit_vpn_router_firmware
rv345p_dual_wan_gigabit_poe_vpn_router_firmware
|
A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute ar…
|
NVD-CWE-Other
|
CVE-2024-20470
|
2024-10-10 01:55 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307489
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ethtool: fail closed if we can't get max channel used in indirection tables
Commit 0d1b7d6c9274 ("bnxt: fix crashes when reducing…
|
NVD-CWE-noinfo
|
CVE-2024-46834
|
2024-10-10 00:57 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307490
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: hns3: void array out of bound when loop tnl_num
When query reg inf of SSU, it loops tnl_num times. However, tnl_num comes
fr…
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-46833
|
2024-10-10 00:54 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
