CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50178 – cpufreq: loongson3: Use raw_smp_processor_id() in do_service_request()
https://notcve.org/view.php?id=CVE-2024-50178
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: cpufreq: loongson3: Use raw_smp_processor_id() in do_service_request() Use raw_smp_processor_id() instead of plain smp_processor_id() in do_service_request(), otherwise we may get some errors with the driver enabled: BUG: using smp_processor_id() in preemptible [00000000] code: (udev-worker)/208 caller is loongson3_cpufreq_probe+0x5c/0x250 [loongson3_cpufreq] In the Linux kernel, the following vulnerability has been resolved: cpufreq... • https://git.kernel.org/stable/c/ccf51454145bffd98e31cdbe54a4262473c609e2 •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-50177 – drm/amd/display: fix a UBSAN warning in DML2.1
https://notcve.org/view.php?id=CVE-2024-50177
08 Nov 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/70839da6360500a82e4d5f78499284474cbed7c1 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-50176 – remoteproc: k3-r5: Fix error handling when power-up failed
https://notcve.org/view.php?id=CVE-2024-50176
08 Nov 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/2a1ec20b174c0f613224c59e694639ac07308b53 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-50175 – media: qcom: camss: Remove use_count guard in stop_streaming
https://notcve.org/view.php?id=CVE-2024-50175
08 Nov 2024 — The silicon enabling code for selecting VCs is perfectly fine. The silicon enabling code for selecting VCs is perfectly fine. ... Initial testing with this code didn't show an error but, SoftISP and "real" usage with Google Hangouts breaks the upstream code pretty quickly, we need to do a partial revert and take another pass at VCs. Initial testing with this code didn't show an error but, SoftISP and "real" usage with Google Hangouts breaks the upstream code pretty ... • https://git.kernel.org/stable/c/89013969e23247661f0514c77f26d60fa083216c •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50174 – drm/panthor: Fix race when converting group handle to group object
https://notcve.org/view.php?id=CVE-2024-50174
08 Nov 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/de85488138247d034eb3241840424a54d660926b •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-50173 – drm/panthor: Fix access to uninitialized variable in tick_ctx_cleanup()
https://notcve.org/view.php?id=CVE-2024-50173
08 Nov 2024 — An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/d72f049087d4f973f6332b599c92177e718107de •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10673 – Top Store <= 1.5.4 - Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation
https://notcve.org/view.php?id=CVE-2024-10673
08 Nov 2024 — The Top Store theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the top_store_install_and_activate_callback() function in all versions up to, and including, 1.5.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to install arbitrary plugins which can contain other exploitable vulnerabilities to elevate privileges and gain remote code execution. • https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=247826%40top-store&new=247826%40top-store&sfp_email=&sfph_mail= • CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51789 – WordPress Image Classify plugin <= 1.0.0 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-51789
08 Nov 2024 — The Image Classify plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 1.0.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/vulnerability/image-classify/wordpress-image-classify-plugin-1-0-0-arbitrary-file-upload-vulnerability? • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51790 – WordPress HB AUDIO GALLERY plugin <= 3.0 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-51790
08 Nov 2024 — The HB AUDIO GALLERY plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 3.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/vulnerability/hb-audio-gallery/wordpress-hb-audio-gallery-plugin-3-0-arbitrary-file-upload-vulnerability? • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10625 – WooCommerce Support Ticket System <= 17.7 - Unauthenticated Arbitrary File Deletion
https://notcve.org/view.php?id=CVE-2024-10625
08 Nov 2024 — The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_tmp_uploaded_file() function in all versions up to, and including, 17.7. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). • https://codecanyon.net/item/woocommerce-support-ticket-system/17930050 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •