Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-05 | CVE-2024-51525 | Unspecified vulnerability in Huawei Harmonyos 5.0.0 Permission control vulnerability in the clipboard module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | 5.5 |
| 2024-11-05 | CVE-2024-51526 | Unspecified vulnerability in Huawei Harmonyos 5.0.0 Permission control vulnerability in the hidebug module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | 5.5 |
| 2024-11-05 | CVE-2024-51527 | Unspecified vulnerability in Huawei Emui and Harmonyos Permission control vulnerability in the Gallery app Impact: Successful exploitation of this vulnerability may affect service confidentiality. | 5.5 |
| 2024-11-05 | CVE-2024-51528 | Information Exposure Through Log Files vulnerability in Huawei Emui and Harmonyos Vulnerability of improper log printing in the Super Home Screen module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | 5.5 |
| 2024-11-05 | CVE-2024-7429 | Missing Authorization vulnerability in Katieseaborn Zotpress The Zotpress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the Zotpress_process_accounts_AJAX function in all versions up to, and including, 7.3.12. | 4.3 |
| 2024-11-05 | CVE-2024-9878 | Cross-site Scripting vulnerability in 10Web Photo Gallery The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.8.30 due to insufficient input sanitization and output escaping. | 4.8 |
| 2024-11-05 | CVE-2024-47253 | Path Traversal vulnerability in 2N Access Commander In 2N Access Commander versions 3.1.1.2 and prior, a Path Traversal vulnerability could allow an attacker with administrative privileges to write files on the filesystem and potentially achieve arbitrary remote code execution. | 7.2 |
| 2024-11-05 | CVE-2024-47254 | Unspecified vulnerability in 2N Access Commander In 2N Access Commander versions 3.1.1.2 and prior, an Insufficient Verification of Data Authenticity vulnerability could allow an attacker to escalate their privileges and gain root access to the system. | 7.2 |
| 2024-11-05 | CVE-2024-47255 | Unspecified vulnerability in 2N Access Commander In 2N Access Commander versions 3.1.1.2 and prior, a local attacker can escalate their privileges in the system which could allow for arbitrary code execution with root permissions. | 7.8 |
| 2024-11-05 | CVE-2023-52920 | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: bpf: support non-r10 register spill/fill to/from stack in precision tracking Use instruction (jump) history to record instructions that performed register spill/fill to/from stack, regardless if this was done through read-only r10 register, or any other register after copying r10 into it *and* potentially adjusting offset. To make this work reliably, we push extra per-instruction flags into instruction history, encoding stack slot index (spi) and stack frame number in extra 10 bit flags we take away from prev_idx in instruction history. | 5.5 |