7.4
CVE-2024-8676 - Cri-o: checkpoint restore can be triggered from different namespaces
A vulnerability was found in CRI-O, where it can be requested to take a checkpoint archive of a container and later be asked to restore it. When it does that restoration, it attempts to restore the mounts from the restore archive instead of the pod request. As a result, the validations run on the pβ¦
6.1
CVE-2024-10878 - Sugar Calendar (Lite) <= 3.3.0 - Reflected Cross-Site Scripting
The Sugar Calendar β Simple Event Management plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.3.0. This makes it possible for unauthenticated attackβ¦
6.9
CVE-2024-11407 - Denial of Service through Data corruption in gRPC-C++
There exists a denial of service through Data corruption in gRPC-C++ -Β gRPC-C++ servers with transmit zero copy enabled through the channel arg GRPC_ARG_TCP_TX_ZEROCOPY_ENABLED can experience data corruption issues. The data sent by the application may be corrupted before transmission over the netwβ¦
6.5
CVE-2024-36463 -
The implementation of atob in "Zabbix JS" allows to create a string with arbitrary content and use it to access internal properties of objects.
2.2
CVE-2024-22117 - Value of sysmap_element_url can be de-synchronized causing the map element to crash when new URLs iβ¦
When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon adding a new URL, the system retrieves the last sysmapelementurlid value and increments it by one. However, an issue arises when a user manually changes the sysmapelementurlid value by adding sysmapelemβ¦
6.4
CVE-2024-8236 - Elementor Website Builder β More than Just a Page Builder <= 3.25.7 - Authenticated (Contributor+) β¦
The Elementor Website Builder β More than Just a Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the βurlβ parameter of the Icon widget in all versions up to, and including, 3.25.7 due to insufficient input sanitization and output escaping. This makes it possible β¦
7.2
CVE-2024-9461 - Total Upkeep <= 1.16.6 - Authenticated (Administrator+) Remote Code Execution via Backup Settings
The Total Upkeep β WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.16.6 via the cron_interval parameter. This is due to missing input validation and sanitization. This makes it possible foβ¦
8.4
CVE-2018-5852 - Buffer Over-read in IPA
An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4_nat'
7.8
CVE-2018-11816 - Use After Free in Video
Crafted Binder Request Causes Heap UAF in MediaServer
8.4
CVE-2017-18307 - Information Exposure in Kernel
Information disclosure possible while audio playback.