cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-44068,https://securityvulnerability.io/vulnerability/CVE-2024-44068,Samsung's Exynos Processors Vulnerable to Privilege Escalation Due to Use-After-Free Bug,"A zero-day vulnerability in Samsung's mobile processors, tracked as CVE-2024-44068, has been exploited in the wild to execute an arbitrary code. This vulnerability, with a CVSS score of 8.1, allows privilege escalation on vulnerable Android devices by leveraging a use-after-free bug in the m2m scaler driver. The bug is part of an exploit chain, and the in-the-wild exploit has been observed by Google's Threat Analysis Group, posing a significant risk to affected devices. The exploitation has been observed in a privileged cameraserver process through a Kernel Space Mirroring Attack, bypassing Android kernel isolation protections. Samsung has released a patch as part of its October 2024 security updates.",Samsung,,,,0.0006099999882280827,false,true,true,true,,false,false,2024-10-07T19:15:00.000Z,0
CVE-2024-6366,https://securityvulnerability.io/vulnerability/CVE-2024-6366,Unauthorized File Uploads through Async Upload Functionality,"The User Profile Builder  WordPress plugin before 3.11.8 does not have proper authorisation, allowing unauthenticated users to upload media files via the async upload functionality of WP.",Samsung,User Profile Builder,,,0.000539999979082495,false,false,false,true,true,false,false,2024-07-29T06:00:08.248Z,0