|
307161
|
5.4 |
MEDIUM
Network
|
salesagility
|
suitecrm
|
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. The "Publish Key" field in SuiteCRM's Edit Profile page is vulnerable to Reflected Cross-Site…
|
CWE-79
Cross-site Scripting
|
CVE-2024-50335
|
2024-11-9 00:09 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307162
|
9.1 |
CRITICAL
Network
|
qualcomm
|
wsa8845h_firmware
wsa8845_firmware
wsa8840_firmware
wsa8835_firmware
wsa8832_firmware
wsa8830_firmware
wsa8815_firmware
wsa8810_firmware
wcn7881_firmware
wcn7880_firmware
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
|
NVD-CWE-noinfo
|
CVE-2024-38408
|
2024-11-9 00:07 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
307163
|
6.1 |
MEDIUM
Network
|
flycart
|
discount_rules_for_woocommerce
|
The Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts, Bulk Discount, BOGO Coupons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of a…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8541
|
2024-11-9 00:07 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307164
|
8.8 |
HIGH
Network
|
ibm
|
watson_studio_local
|
IBM Watson Studio Local 1.2.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
|
CWE-352
Origin Validation Error
|
CVE-2024-49340
|
2024-11-9 00:06 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307165
|
4.6 |
MEDIUM
Network
|
mattermost
|
mattermost_server
|
Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 fail to sanitize user inputs in the frontend that are used for redirection which allows for a one-click client-side path travers…
|
CWE-352
Origin Validation Error
|
CVE-2024-46872
|
2024-11-9 00:00 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307166
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nvme-pci: fix race condition between reset and nvme_dev_disable()
nvme_dev_disable() modifies the dev->online_queues field, there…
|
CWE-362
Race Condition
|
CVE-2024-50135
|
2024-11-8 23:34 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307167
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: Unregister notifier on eswitch init failure
It otherwise remains registered and a subsequent attempt at eswitch
enablin…
|
NVD-CWE-noinfo
|
CVE-2024-50136
|
2024-11-8 23:31 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307168
|
6.5 |
MEDIUM
Network
|
zte
|
zxr10_1800-2s_firmware
zxr10_2800-4_firmware
zxr10_3800-8_firmware
zxr10_160_firmware
|
There is a privilege escalation vulnerability in ZTE ZXR10 ZSR V2 intelligent multi service router . An authenticated attacker could use the vulnerability to obtain sensitive information about the de…
|
CWE-294
Authentication Bypass by Capture-replay
|
CVE-2024-22066
|
2024-11-8 23:31 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307169
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
reset: starfive: jh71x0: Fix accessing the empty member on JH7110 SoC
data->asserted will be NULL on JH7110 SoC since commit 8232…
|
NVD-CWE-noinfo
|
CVE-2024-50137
|
2024-11-8 23:29 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307170
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Use raw_spinlock_t in ringbuf
The function __bpf_ringbuf_reserve is invoked from a tracepoint, which
disables preemption. Us…
|
NVD-CWE-noinfo
|
CVE-2024-50138
|
2024-11-8 23:27 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
