Latest Security Vulnerabilities

Wednesday November 20, 2024

Apple visionOS

CVE-2024-44309 Apple Safari and macOS Cookie Management Vulnerability Leading to XSS
CVE-2024-44308 Apple Safari Web Content Arbitrary Code Execution Vulnerability

Apple macOS

CVE-2024-44307 macOS Kernel Buffer Overflow Vulnerability

Google Android

CVE-2018-9467 Android UriTest Incorrect Web Origin Determination Vulnerability
CVE-2018-9468 Android DownloadManager Permissions Bypass Vulnerability
CVE-2018-9469 Android ShortcutService Privilege Escalation Vulnerability
CVE-2018-9470 Android BFF Scanner Out-of-Bounds Write Vulnerability
CVE-2018-9471 Android NanoAppFilter Type Confusion Local Privilege Escalation Vulnerability
CVE-2018-9474 Android MediaPlayer Serialization/Deserialization Mismatch Vulnerability
CVE-2018-9475 Android Bluetooth Stack Overflow Vulnerability in HeadsetInterface
CVE-2018-9477 Android Settings App Authentication Bypass Vulnerability
CVE-2018-9478 Android Bluetooth SDP Server Out-of-Bounds Write Vulnerability
And others...
 

Unclassified

CVE-2024-44306 macOS Kernel Buffer Overflow Vulnerability
CVE-2018-9472 libxml2: Out-of-Bounds Write in xmlMemStrdupLoc Due to Integer Overflow
CVE-2024-10899 WooCommerce Product Table Lite Plugin: Arbitrary Shortcode Execution and Reflected XSS Vulnerability
CVE-2024-10515 Squirrly SEO WordPress Plugin: Stored XSS Vulnerability in SEO Plugin
CVE-2024-9239 Booster for WooCommerce Plugin: Reflected XSS Vulnerability
CVE-2024-10913 WordPress Clone Plugin PHP Object Injection Vulnerability
CVE-2024-8726 MailChimp Forms by MailMunch Plugin: Reflected XSS Vulnerability
CVE-2024-11154 WordPress PublishPress Revisions Plugin Sensitive Information Exposure Vulnerability
CVE-2024-11176 M-Files Aino: Improper Access Control Vulnerability in Object Information Access
And others...

Posimyth The Plus Addons For Elementor

CVE-2024-10365 The Plus Addons for Elementor: Sensitive Information Exposure in Multiple Widgets

Pegasystems Pega Platform

CVE-2024-10094 Pega Platform Improper Code Generation Vulnerability

Synacor Zimbra Collaboration Suite

CVE-2024-45511 Zimbra Collaboration (ZCS) Reflected XSS Vulnerability in Briefcase Module via OnlyOffice Formatter
CVE-2024-45510 Zimbra Collaboration (ZCS) Webmail Stored XSS Vulnerability

M Files Server

CVE-2024-10127 M-Files Server LDAP Authentication Bypass Vulnerability
CVE-2024-10126 M-Files Server Local File Inclusion Vulnerability in Document Preview

Tuesday November 19, 2024

Linux Kernel

CVE-2024-50289 Linux Kernel Spectre Vulnerability in AV7110 Media Driver
CVE-2024-50290 Linux Kernel Media Subsystem SNR Calculation Overflow Vulnerability
CVE-2024-50291 Linux Kernel DVB Core Buffer Index Validation Vulnerability
CVE-2024-50293 Linux Kernel: Dangling Pointer Vulnerability in SMC Socket Creation
CVE-2024-50294 Linux Kernel rxrpc Subsystem Locking Issue Leading to Hanging Calls
CVE-2024-50295 Linux Kernel DMA Mapping Vulnerability in Network Device Driver
CVE-2024-50296 Linux Kernel: Null Pointer Dereference in SR-IOV Resource Release
CVE-2024-50298 Linux Kernel: Null Pointer Dereference in ENETC Driver During VF MAC Configuration
CVE-2024-50299 Linux Kernel SCTP Chunk Size Validation Vulnerability
And others...

Google Chrome

CVE-2024-11395 Google Chrome V8 Engine Type Confusion Vulnerability

Google Android

CVE-2018-9467 Android UriTest Incorrect Web Origin Determination Vulnerability
CVE-2018-9468 Android DownloadManager Permissions Bypass Vulnerability
CVE-2018-9469 Android ShortcutService Privilege Escalation Vulnerability
CVE-2018-9470 Android BFF Scanner Out-of-Bounds Write Vulnerability
CVE-2018-9471 Android NanoAppFilter Type Confusion Local Privilege Escalation Vulnerability
CVE-2018-9474 Android MediaPlayer Serialization/Deserialization Mismatch Vulnerability
CVE-2018-9475 Android Bluetooth Stack Overflow Vulnerability in HeadsetInterface
CVE-2018-9477 Android Settings App Authentication Bypass Vulnerability
CVE-2018-9478 Android Bluetooth SDP Server Out-of-Bounds Write Vulnerability
And others...