1721
|
6.5 |
MEDIUM
Network
|
andsonsdesign
|
wp-contest
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SONS Creative Development WP Contest allows SQL Injection.This issue affects WP Contest: from n/a…
|
CWE-89
SQL Injection
|
CVE-2024-51837
|
2024-11-15 03:43 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1722
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write()
This was found by a static analyzer.…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-50259
|
2024-11-15 03:24 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1723
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
macsec: Fix use-after-free while sending the offloading packet
KASAN reports the following UAF. The metadata_dst, which is used t…
|
CWE-416
Use After Free
|
CVE-2024-50261
|
2024-11-15 03:24 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1724
|
5.4 |
MEDIUM
Network
|
miraheze
|
wikidiscover
|
WikiDiscover is an extension designed for use with a CreateWiki managed farm to display wikis. Special:WikiDiscover is a special page that lists all wikis on the wiki farm. However, the special page …
|
CWE-79 CWE-80
Cross-site Scripting Basic XSS
|
CVE-2024-47782
|
2024-11-15 03:19 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1725
|
6.1 |
MEDIUM
Network
|
miraheze
|
createwiki
|
CreateWiki is an extension used at Miraheze for requesting & creating wikis. The name of requested wikis is not escaped on Special:RequestWikiQueue, so a user can insert arbitrary HTML that is displa…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47781
|
2024-11-15 03:19 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1726
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-51689. Reason: This candidate is a reservation duplicate of CVE-2024-51689. Notes: All CVE users should reference …
|
-
|
CVE-2024-10686
|
2024-11-15 03:15 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1727
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: fix crash when config small gso_max_size/gso_ipv4_max_size
Config a small gso_max_size/gso_ipv4_max_size will lead to an und…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2024-50258
|
2024-11-15 03:12 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1728
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: Fix use-after-free in get_info()
ip6table_nat module unload has refcnt warning for UAF. call trace is:
WARNING: CPU: …
|
CWE-416
Use After Free
|
CVE-2024-50257
|
2024-11-15 03:11 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1729
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6()
I got a syzbot report without a repro [1] crashing in nf_send_…
|
NVD-CWE-noinfo
|
CVE-2024-50256
|
2024-11-15 03:11 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1730
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs
Fix __hci_cmd_sync_sk() to return not NULL for unknown opcodes.
…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50255
|
2024-11-15 03:10 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|