|
1931
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mmc: mmc_test: Fix NULL dereference on allocation failure
If the "test->highmem = alloc_pages()" allocation fails then calling
__…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-45028
|
2024-09-14 01:29 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1932
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
usb: xhci: Check for xhci->interrupters being allocated in xhci_mem_clearup()
If xhci_mem_init() fails, it calls into xhci_mem_cl…
|
CWE-459
Incomplete Cleanup
|
CVE-2024-45027
|
2024-09-14 01:29 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1933
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
s390/dasd: fix error recovery leading to data corruption on ESE devices
Extent Space Efficient (ESE) or thin provisioned volumes …
|
CWE-787
Out-of-bounds Write
|
CVE-2024-45026
|
2024-09-14 01:29 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1934
|
7.8 |
HIGH
Local
|
samsung
|
universal_print_driver
|
The Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of privilege allowing the creation of a reverse shell in the tool. This is only applicable for products in the a…
|
NVD-CWE-noinfo
|
CVE-2024-5760
|
2024-09-14 01:28 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1935
|
8.8 |
HIGH
Network
|
mayurik
|
best_house_rental_management_system
|
A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. Affected is the function delete_user/save_user of the file /admin_class.php. The manip…
|
CWE-89
SQL Injection
|
CVE-2024-8709
|
2024-09-14 01:27 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1936
|
6.1 |
MEDIUM
Network
|
payara
|
payara
|
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payara Platform Payara Server (REST Management Interface modules) allows Session Hijacking.This issue affects Payara Server: from …
|
CWE-601
Open Redirect
|
CVE-2024-7312
|
2024-09-14 01:27 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1937
|
8.8 |
HIGH
Network
|
code-projects
|
inventory_management
|
A vulnerability classified as critical was found in code-projects Inventory Management 1.0. Affected by this vulnerability is an unknown functionality of the file /model/viewProduct.php of the compon…
|
CWE-89
SQL Injection
|
CVE-2024-8710
|
2024-09-14 01:25 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1938
|
7.5 |
HIGH
Network
oretnom23
|
food_ordering_management_system
|
A vulnerability, which was classified as problematic, has been found in SourceCodester Food Ordering Management System 1.0. Affected by this issue is some unknown functionality of the file /includes/…
|
NVD-CWE-Other
|
CVE-2024-8711
|
2024-09-14 01:18 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1939
|
6.1 |
MEDIUM
Network
|
scriptonite
|
music_request_manager
|
The Music Request Manager WordPress plugin through 1.3 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin ad…
|
CWE-352
Origin Validation Error
|
CVE-2024-6017
|
2024-09-14 01:17 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1940
|
6.1 |
MEDIUM
Network
|
scriptonite
|
music_request_manager
|
The Music Request Manager WordPress plugin through 1.3 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Script…
|
CWE-79
Cross-site Scripting
|
CVE-2024-6018
|
2024-09-14 01:15 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
