|
307711
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start
In sctp_listen_start() invoked by sctp_inet_listen(), it…
|
NVD-CWE-noinfo
|
CVE-2024-49944
|
2024-11-13 22:30 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307712
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
l2tp: prevent possible tunnel refcount underflow
When a session is created, it sets a backpointer to its tunnel. When
the session…
|
NVD-CWE-noinfo
|
CVE-2024-49940
|
2024-11-13 22:26 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307713
|
5.4 |
MEDIUM
Network
|
umbraco
|
umbraco_cms
|
A vulnerability was found in Umbraco CMS 12.3.6. It has been classified as problematic. Affected is an unknown function of the file /Umbraco/preview/frame?id{} of the component Dashboard. The manipul…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2024-10761
|
2024-11-13 20:15 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307714
|
- |
|
-
|
-
|
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could
cause a potential arbitrary code execution after a successful Man-In-The-Middle attack…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2024-8938
|
2024-11-13 14:15 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307715
|
- |
|
-
|
-
|
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could
cause a potential arbitrary code execution after a successful Man-In-The Middle attack…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2024-8937
|
2024-11-13 14:15 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307716
|
- |
|
-
|
-
|
CWE-20: Improper Input Validation vulnerability exists that could lead to loss of confidentiality of controller memory
after a successful Man-In-The-Middle attack followed by sending a crafted Modbus…
|
CWE-20
Improper Input Validation
|
CVE-2024-8936
|
2024-11-13 14:15 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307717
|
- |
|
-
|
-
|
CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause a denial of service and loss
of confidentiality and integrity of controllers when conducting a Man-In-The-Middle attac…
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2024-8935
|
2024-11-13 14:15 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307718
|
- |
|
-
|
-
|
CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel
vulnerability exists that could cause retrieval of password hash that could lead to denial of service…
|
-
|
CVE-2024-8933
|
2024-11-13 13:15 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307719
|
7.5 |
HIGH
Network
|
-
|
-
|
The LUNA RADIO PLAYER plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 6.24.01.24 via the js/fallback.php file. This makes it possible for unauthenticat…
|
-
|
CVE-2024-10816
|
2024-11-13 13:15 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307720
|
5.3 |
MEDIUM
Network
|
-
|
-
|
The Hash Elements plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hash_elements_get_posts_title_by_id() function in all versions up to, and …
|
CWE-862
Missing Authorization
|
CVE-2024-10802
|
2024-11-13 13:15 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
