131
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: Fix the warning division or modulo by zero
Checks the partition mode and returns an error for an invalid mode.
Update
|
CWE-369
Divide By Zero
|
CVE-2024-46806
|
2024-10-2 22:17 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
132
|
- |
|
-
|
-
|
A vulnerability has been found in code-projects Restaurant Reservation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /filter2.php. The …
New
|
CWE-89
SQL Injection
|
CVE-2024-9429
|
2024-10-2 22:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
133
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: fix the waring dereferencing hive
Check the amdgpu_hive_info *hive that maybe is NULL.
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46805
|
2024-10-2 21:58 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
134
|
9.8 |
CRITICAL
Network
code-projects
|
blood_bank_system
|
A vulnerability was found in code-projects Blood Bank System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /forgot.php. The manipulation of the argument u…
Update
|
CWE-89
SQL Injection
|
CVE-2024-9327
|
2024-10-2 21:57 |
2024-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
135
|
- |
|
-
|
-
|
Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This en…
New
|
-
|
CVE-2024-8038
|
2024-10-2 20:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
136
|
- |
|
-
|
-
|
Vulnerable juju hook tool abstract UNIX domain socket. When combined with an attack of JUJU_CONTEXT_ID, any user on the local system with access to the default network namespace may connect to the @/…
New
|
-
|
CVE-2024-8037
|
2024-10-2 20:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
137
|
- |
|
-
|
-
|
JUJU_CONTEXT_ID is a predictable authentication secret. On a Juju machine (non-Kubernetes) or Juju charm container (on Kubernetes), an unprivileged user in the same network namespace can connect to a…
New
|
-
|
CVE-2024-7558
|
2024-10-2 20:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
138
|
6.5 |
MEDIUM
Network
|
-
|
-
|
An unauthenticated remote attacker may use the devices traffic capture without authentication to grab plaintext administrative credentials.
New
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-35294
|
2024-10-2 20:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
139
|
- |
|
-
|
-
|
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, …
Update
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2024-3727
|
2024-10-2 20:15 |
2024-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
140
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘button_label’ parameter in all versions up to, and including, 7.1.2 due to in…
New
|
CWE-87
Improper Neutralization of Alternate XSS Syntax
|
CVE-2024-8505
|
2024-10-2 19:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|