7893 matches found
CVE-2024-31489
An improper certificate validation vulnerability CWE-295 in FortiClientWindows 7.2.0 through 7.2.2, 7.0.0 through 7.0.11, FortiClientLinux 7.2.0, 7.0.0 through 7.0.11 and FortiClientMac 7.0.0 through 7.0.11, 7.2.0 through 7.2.4 may allow a remote and unauthenticated attacker to perform a...
September 10, 2024—KB5043051 (OS Build 14393.7336) - EXPIRED
September 10, 2024—KB5043051 OS Build 14393.7336 - EXPIRED. EXPIRATION NOTICE. IMPORTANT: As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. --- 11/19/20 For...
PT-2024-6251 · Microsoft · Windows Setup/Deployment +1
Name of the Vulnerable Software and Affected Versions: Windows Setup and Deployment (affected versions not specified). Description: The issue is related to an elevation of privilege vulnerability in the Windows Setup and Deployment component. It is associated with a lack of quotes in writing element...
CVE-2024-7918
The Pocket Widget WordPress plugin through 0.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
CVE-2024-5561 Popup Maker < 1.19.1 - Admin+ Stored XSS
The Popup Maker WordPress plugin before 1.19.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
CVE-2024-8584
Orca HCM from LEARNING DIGITAL has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to exploit this functionality to create an account with administrator privilege and subsequently use it to log in...
Malicious code in cobo-custdy (PyPI)
Source: kam193 cd0d754c7d09b395a490411bfdba9006309e5227c634e9946f4612de907de0d0 It appears to be a forgotten pentest checking typosquatting against cobo-custody package, but may also have malicious purposes. During installation, if a machi...
MAL-2024-12237 Malicious code in cobo-custdoy (PyPI)
Source: kam193 1bb6da528665b6d869e583cb594f1f0cc7e7ccaf8cc5a7a859c0db9e7fa80c19 It appears to be a forgotten pentest checking typosquatting against cobo-custody package, but may also have malicious purposes. During installation, if a machi...
Malicious code in cobo-custdoy (PyPI)
Source: kam193 1bb6da528665b6d869e583cb594f1f0cc7e7ccaf8cc5a7a859c0db9e7fa80c19 It appears to be a forgotten pentest checking typosquatting against cobo-custody package, but may also have malicious purposes. During installation, if a machi...
MAL-2024-12238 Malicious code in cobo-custdy (PyPI)
Source: kam193 cd0d754c7d09b395a490411bfdba9006309e5227c634e9946f4612de907de0d0 It appears to be a forgotten pentest checking typosquatting against cobo-custody package, but may also have malicious purposes. During installation, if a machi...
MAL-2024-12239 Malicious code in cobo-python (PyPI)
Source: kam193 2f1c1c4efd134e130c04178382ff3ea318301fb18b5eb6eed696c49cf64e9ad6 It appears to be a forgotten pentest checking typosquatting against cobo-custody package, but may also have malicious purposes. During installation, if a machi...
Malicious code in test-packages1 (PyPI)
Source: kam193 5c5608702af52a2ca19f0b384036f76248848f4b4ddbe582631d85b3f5e77dca Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...
MAL-2024-12359 Malicious code in test-packages1 (PyPI)
Source: kam193 5c5608702af52a2ca19f0b384036f76248848f4b4ddbe582631d85b3f5e77dca Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...
MAL-2024-12360 Malicious code in test-packages2 (PyPI)
Source: kam193 4336b840413f8b1d796d06001cd5fb057d2e92276771ec70122834253e5e41f3 Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...
DEBIAN-CVE-2024-44997
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb. When there are multiple ap interfaces on one band and with WED on, turning the interface down will cause a kernel panic on MT798X. Previously, cb_priv was fre...
AZL-48696 CVE-2024-45006 affecting package kernel for versions less than 6.6.51.1-1
In the Linux kernel, the following vulnerability has been resolved: xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration. Re-enumerating full-speed devices after a failed address device command can trigger a NULL pointer dereference. Full-speed devices may need to reconfigure th...
DEBIAN-CVE-2024-44980
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix opregion leak. Being part of the display, ideally the setup and cleanup would be done by display itself. However this is a bigger refactor that needs to be done on both i915 and xe. For now, just fix the leak:...
CVE-2024-44980
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix opregion leak. Being part of the display, ideally the setup and cleanup would be done by display itself. However this is a bigger refactor that needs to be done on both i915 and xe. For now, just fix the leak:...
UBUNTU-CVE-2024-44997
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb. When there are multiple ap interfaces on one band and with WED on, turning the interface down will cause a kernel panic on MT798X. Previously, cb_priv was fre...
UBUNTU-CVE-2024-44980
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix opregion leak. Being part of the display, ideally the setup and cleanup would be done by display itself. However this is a bigger refactor that needs to be done on both i915 and xe. For now, just fix the leak:...