1351 | 7.5 | HIGH | Network | idurarapp | idurar | IDURAR is open source ERP CRM accounting invoicing software. The vulnerability exists in the corePublicRouter.js file. Using the reference usage here, it is identified that the public endpoint is acc… | CWE-22 (Path Traversal), CWE-23 (Relative Path Traversal) | CVE-2024-47769 | 2024-11-14 00:12 | 2024-10-5
1352 | 5.5 | MEDIUM | Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: blk_iocost: fix more out of bound shifts. Recently running UBSAN caught few out of bound shifts in the ioc_forgive_debts() functio… | NVD-CWE-noinfo | CVE-2024-49933 | 2024-11-14 00:09 | 2024-10-22
1353 | 9.8 | CRITICAL | Network | yarpp | yet_another_related_posts_plugin | Access Control vulnerability in YARPP YARPP allows . This issue affects YARPP: from n/a through 5.30.10. | CWE-862 (Missing Authorization) | CVE-2024-43919 | 2024-11-14 00:02 | 2024-11-2
1354 | 5.5 | MEDIUM | Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: btrfs: don't readahead the relocation inode on RST. On relocation we're doing readahead on the relocation inode, but if the filesy… | CWE-617 (Reachable Assertion) | CVE-2024-49932 | 2024-11-14 00:01 | 2024-10-22
1355 | 5.5 | MEDIUM | Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: x86/ioapic: Handle allocation failures gracefully. Breno observed panics when using failslab under certain conditions during runti… | NVD-CWE-noinfo | CVE-2024-49927 | 2024-11-13 23:58 | 2024-10-22
1356 | 5.5 | MEDIUM | Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix access non-existent percpu rtpcp variable in rcu_tasks_need_gpcb(). For kernels built with CONFIG_FORCE_NR_CPUS=y, … | NVD-CWE-noinfo | CVE-2024-49926 | 2024-11-13 23:57 | 2024-10-22
1357 | 8.1 | HIGH | Network | lifplatforms | lif_authentication_server | Lif Authentication Server is a server used by Lif to do various tasks regarding Lif accounts. This vulnerability has to do with the account recovery system where there does not appear to be a check t… | CWE-862 (Missing Authorization) | CVE-2024-47768 | 2024-11-13 23:55 | 2024-10-5
1358 | 5.5 | MEDIUM | Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a sdiv overflow issue. Zac Ecob reported a problem where a bpf program may cause kernel crash due to the following error:… | CWE-190 (Integer Overflow or Wraparound) | CVE-2024-49888 | 2024-11-13 23:54 | 2024-10-22
1359 | 5.5 | MEDIUM | Local | linux | linux_kernel | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to don't panic system for no free segment fault injection. f2fs: fix to don't panic system for no free segment fault inj… | NVD-CWE-noinfo | CVE-2024-49887 | 2024-11-13 23:50 | 2024-10-22
1360 | 6.1 | MEDIUM | Network | jgniecki | minecraft_motd_parser | Minecraft MOTD Parser is a PHP library to parse minecraft server motd. The HtmlGenerator class is subject to potential cross-site scripting (XSS) attack through a parsed malformed Minecraft server MO… | CWE-79 (Cross-site Scripting), CWE-80 (Basic XSS) | CVE-2024-47765 | 2024-11-13 23:48 | 2024-10-5