|
317261
|
7.4 |
HIGH
Network
|
bitdefender
|
total_security
|
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software trusts a certificate issued by an entity that isn't authorized to issue certificates.…
|
CWE-295
Improper Certificate Validation
|
CVE-2023-49570
|
2024-10-23 01:26 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317262
|
9.8 |
CRITICAL
Network
|
hikvision
|
hikcentral_master
|
There is a CSV injection vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could build malicious data to generate executable commands in the CSV file.
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2024-47485
|
2024-10-23 01:23 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317263
|
5.4 |
MEDIUM
Network
|
gurieveugen\&vitaliyshebela
|
branding
|
The Branding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escapin…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9452
|
2024-10-23 01:23 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317264
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to check atomic_file in f2fs ioctl interfaces
Some f2fs ioctl interfaces like f2fs_ioc_set_pin_file(),
f2fs_move_file_r…
|
CWE-362
Race Condition
|
CVE-2024-49859
|
2024-10-23 01:13 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317265
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nbd: fix race between timeout and normal completion
If request timetout is handled by nbd_requeue_cmd(), normal completion
has to…
|
CWE-416
Use After Free
|
CVE-2024-49855
|
2024-10-23 01:12 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317266
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos
In case of malformed relocation record of kind BPF_CORE_TYPE_ID_LOCA…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49850
|
2024-10-23 01:12 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317267
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mm/hugetlb.c: fix UAF of vma in hugetlb fault pathway
Syzbot reports a UAF in hugetlb_fault(). This happens because
vmf_anon_pre…
|
CWE-416
Use After Free
|
CVE-2024-47676
|
2024-10-23 01:12 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317268
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
media: mediatek: vcodec: Fix H264 stateless decoder smatch warning
Fix a smatch static checker warning on vdec_h264_req_if.c.
Whi…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-47752
|
2024-10-23 01:11 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317269
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning
Fix a smatch static checker warning on vdec_vp8_req_if.c.
Which…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-47753
|
2024-10-23 01:10 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317270
|
8.8 |
HIGH
Network
|
hikvision
|
hikcentral_professional
|
There is a SQL injection vulnerability in some HikCentral Professional versions. This could allow an authenticated user to execute arbitrary SQL queries.
|
CWE-89
SQL Injection
|
CVE-2024-47487
|
2024-10-23 01:10 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
