CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-50184 – virtio_pmem: Check device status before requesting flush
https://notcve.org/view.php?id=CVE-2024-50184
08 Nov 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/6e84200c0a2994b991259d19450eee561029bf70 •
CVSS: 5.6EPSS: 0%CPEs: 6EXPL: 0CVE-2024-50181 – clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D
https://notcve.org/view.php?id=CVE-2024-50181
08 Nov 2024 — In the Linux kernel, the following vulnerability has been resolved: clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D For i.MX7D DRAM related mux clock, the clock source change should ONLY be done done in low level asm code without accessing DRAM, and then calling clk API to sync the HW clock status with clk tree, it should never touch real clock source switch via clk API, so CLK_SET_PARENT_GATE flag should NOT be added, otherwise, DRAM's clock parent will be disabled when DRAM is active, ... • https://git.kernel.org/stable/c/b677b94a9193ec7b6607bd1255172ae59174a382 •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50180 – fbdev: sisfb: Fix strbuf array overflow
https://notcve.org/view.php?id=CVE-2024-50180
08 Nov 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/433c84c8495008922534c5cafdae6ff970fb3241 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-50179 – ceph: remove the incorrect Fw reference check when dirtying pages
https://notcve.org/view.php?id=CVE-2024-50179
08 Nov 2024 — A physically proximate remote attacker could use this to cause a denial of service or possibly execute arbitrary code. ... A physically proximate remote attacker could use this to expose sensitive information. • https://git.kernel.org/stable/c/5dda377cf0a6bd43f64a3c1efb670d7c668e7b29 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51788 – WordPress The Novel Design Store Directory plugin <= 4.3.0 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-51788
08 Nov 2024 — This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/vulnerability/noveldesign-store-directory/wordpress-the-novel-design-store-directory-plugin-4-3-0-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51789 – WordPress Image Classify plugin <= 1.0.0 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-51789
08 Nov 2024 — This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/vulnerability/image-classify/wordpress-image-classify-plugin-1-0-0-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51790 – WordPress HB AUDIO GALLERY plugin <= 3.0 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-51790
08 Nov 2024 — This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/vulnerability/hb-audio-gallery/wordpress-hb-audio-gallery-plugin-3-0-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51791 – WordPress Forms plugin <= 2.8.0 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-51791
08 Nov 2024 — This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/vulnerability/forms-by-made-it/wordpress-forms-plugin-2-8-0-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51793 – WordPress RepairBuddy plugin <= 3.8115 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-51793
08 Nov 2024 — This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://patchstack.com/database/vulnerability/computer-repair-shop/wordpress-repairbuddy-plugin-3-8115-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47131 – Delta Electronics DIAScreen Stack-based Buffer Overflow
https://notcve.org/view.php?id=CVE-2024-47131
08 Nov 2024 — If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetObjectInfo can be exploited, allowing the attacker to remotely execute arbitrary code. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. ... An attacker can leverage this vulnerability to execute code in the con... • https://www.cisa.gov/news-events/ics-advisories/icsa-24-312-02 • CWE-121: Stack-based Buffer Overflow •