|
306651
|
5.5 |
MEDIUM
Local
|
huawei
|
harmonyos
emui
|
Page table protection configuration vulnerability in the trusted firmware module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
|
NVD-CWE-noinfo
|
CVE-2024-45448
|
2024-11-5 19:19 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306652
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
vfs: Don't evict inode under the inode lru traversing context
The inode reclaiming process(See function prune_icache_sb) collects…
|
CWE-667
Improper Locking
|
CVE-2024-45003
|
2024-11-5 19:19 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306653
|
- |
|
-
|
-
|
In vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with System execution privileges needed. User interaction is not need…
|
-
|
CVE-2024-20122
|
2024-11-5 17:35 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306654
|
6.1 |
MEDIUM
Network
|
redhat
|
single_sign-on
openshift_container_platform
openshift_container_platform_for_power
openshift_container_platform_for_linuxone
openshift_container_platform_for_ibm_z
build_of_keycloak
|
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enablin…
|
CWE-601
Open Redirect
|
CVE-2024-8883
|
2024-11-5 13:15 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306655
|
7.7 |
HIGH
Network
|
-
|
-
|
A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for speci…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2024-8698
|
2024-11-5 13:15 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306656
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Shortcodes Blocks Creator Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'scu' shortcode in versions up to, and including, 2.1.3 due to insufficient input sanitiza…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10340
|
2024-11-5 11:15 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306657
|
9.8 |
CRITICAL
Network
|
ptzoptics
|
pt30x-sdi_firmware
pt30x-ndi-xx-g2_firmware
|
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntp_addr configuration value which may lead to arbitrar…
|
CWE-78
OS Command
|
CVE-2024-8957
|
2024-11-5 11:00 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306658
|
9.1 |
CRITICAL
Network
|
ptzoptics
|
pt30x-sdi_firmware
pt30x-ndi-xx-g2_firmware
|
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication issue. The camera does not properly enforce authentication to /cgi-bin/param.cgi when requests are se…
|
CWE-287
Improper Authentication
|
CVE-2024-8956
|
2024-11-5 11:00 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306659
|
- |
|
-
|
-
|
cobalt is a media downloader that doesn't piss you off. A malicious cobalt instance could serve links with the `javascript:` protocol, resulting in Cross-site Scripting (XSS) when the user tries to d…
|
CWE-79
Cross-site Scripting
|
CVE-2024-51498
|
2024-11-5 09:15 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306660
|
- |
|
-
|
-
|
WebFeed is a lightweight web feed reader extension for Firefox/Chrome. Multiple HTML injection vulnerabilities in WebFeed can lead to CSRF and UI spoofing attacks. A remote attacker can provide malic…
|
CWE-79
Cross-site Scripting
|
CVE-2024-50346
|
2024-11-5 09:15 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
