Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-06 | CVE-2024-49406 | Improper Validation of Integrity Check Value vulnerability in Samsung Blockchain Keystore 1.3.13.5 Improper validation of integrity check value in Blockchain Keystore prior to version 1.3.16 allows local attackers to modify transaction. | 4.4 |
| 2024-11-06 | CVE-2024-49407 | Unspecified vulnerability in Samsung Flow Improper access control in Samsung Flow prior to version 4.9.15.7 allows physical attackers to access data across multiple user profiles. low complexity samsung | 4.6 |
| 2024-11-06 | CVE-2024-49408 | Out-of-bounds Write vulnerability in Samsung Galaxy S24 Firmware Out-of-bounds write in usb driver prior to Firmware update Sep-2024 Release on Galaxy S24 allows local attackers to write out-of-bounds memory. | 6.7 |
| 2024-11-06 | CVE-2024-49409 | Out-of-bounds Write vulnerability in Samsung Galaxy S24 Firmware Out-of-bounds write in Battery Full Capacity node prior to Firmware update Sep-2024 Release on Galaxy S24 allows local attackers to write out-of-bounds memory. | 6.7 |
| 2024-11-06 | CVE-2024-10647 | Cross-site Scripting vulnerability in Westguardsolutions WS Form The WS Form LITE – Drag & Drop Contact Form Builder for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.9.244. | 6.1 |
| 2024-11-06 | CVE-2024-10028 | Insecure Storage of Sensitive Information vulnerability in Everestthemes Everest Backup The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.13 via the exposed process stats file during the backup process. | 7.5 |
| 2024-11-05 | CVE-2024-10084 | The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Basic Information Disclosure in all versions up to, and including, 4.5 via the CF7_get_post_var shortcode. | 4.3 |
| 2024-11-05 | CVE-2024-0134 | Unspecified vulnerability in Nvidia Container Toolkit and Nvidia GPU Operator NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. | 4.1 |
| 2024-11-05 | CVE-2024-49377 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Octoprint OctoPrint provides a web interface for controlling consumer 3D printers. | 6.1 |
| 2024-11-05 | CVE-2024-49772 | SQL Injection vulnerability in Salesagility Suitecrm SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. | 8.8 |