|
951
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
riscv/purgatory: align riscv_kernel_entry
When alignment handling is delegated to the kernel, everything must be
word-aligned in …
|
-
|
CVE-2024-43868
|
2024-11-15 01:15 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
952
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
ice: Add a per-VF limit on number of FDIR filters
While the iavf driver adds a s/w limit (128) on the number of FDIR
filters that…
|
-
|
CVE-2024-42291
|
2024-11-15 01:15 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
953
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: sched: use RCU read-side critical section in taprio_dump()
Fix possible use-after-free in 'taprio_dump()' by adding RCU
read…
|
CWE-416
Use After Free
|
CVE-2024-50126
|
2024-11-15 01:15 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
954
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq
Undefined behavior is triggered when bnxt_qplib_alloc_init_h…
|
-
|
CVE-2024-38540
|
2024-11-15 01:15 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
955
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Additional check in ntfs_file_release
|
NVD-CWE-noinfo
|
CVE-2024-50242
|
2024-11-15 01:12 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
956
|
5.4 |
MEDIUM
Network
|
sap
|
netweaver_enterprise_portal
|
SAP NetWeaver Enterprise Portal (KMC) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability in KMC servlet. An attacker could craft a script and trick t…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47594
|
2024-11-15 01:12 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
957
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
phy: qcom: qmp-usb: fix NULL-deref on runtime suspend
Commit 413db06c05e7 ("phy: qcom-qmp-usb: clean up probe initialisation")
re…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50240
|
2024-11-15 00:57 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
958
|
5.4 |
MEDIUM
Network
|
ampache
|
ampache
|
Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing does not adequately validate CSRF tokens when users send messages to one another…
|
CWE-352
Origin Validation Error
|
CVE-2024-51489
|
2024-11-15 00:46 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
959
|
9.0 |
CRITICAL
Network
|
ampache
|
ampache
|
Ampache is a web based audio/video streaming application and file manager. This vulnerability exists in the interface section of the Ampache menu, where users can change "Custom URL - Logo". This sec…
|
CWE-79
Cross-site Scripting
|
CVE-2024-51490
|
2024-11-15 00:30 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
960
|
7.5 |
HIGH
Network
metabase
|
metabase
|
Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map (`admin->settings->maps->custom maps->add a map`) support and…
|
CWE-22
Path Traversal
|
CVE-2021-41277
|
2024-11-15 00:26 |
2021-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
