|
941
|
4.3 |
MEDIUM
Network
|
mattermost
|
mattermost_server
|
Mattermost versions 10.0.x <= 10.0.0 and 9.11.x <= 9.11.2 fail to properly query ElasticSearch when searching for the channel name in channel switcher which allows an attacker to get private channels…
|
NVD-CWE-noinfo
|
CVE-2024-52032
|
2024-11-15 01:47 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
942
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
NFSD: Initialize struct nfsd4_copy earlier
Ensure the refcount and async_copies fields are initialized early.
cleanup_async_copy(…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-50241
|
2024-11-15 01:45 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
943
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower
Avoid potentially crashing in the driver because of unini…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-50237
|
2024-11-15 01:42 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
944
|
- |
|
-
|
-
|
An information disclosure vulnerability exists in the backup configuration process where the SAS token is not masked in the configuration response. This oversight results in sensitive information lea…
|
-
|
CVE-2024-11165
|
2024-11-15 01:35 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
945
|
- |
|
-
|
-
|
Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server…
|
-
|
CVE-2024-8068
|
2024-11-15 01:35 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
946
|
- |
|
-
|
-
|
The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion `v0.0.0-20240729232818-a2a9c4f`, which corresponds with commit `a2…
|
-
|
CVE-2024-44337
|
2024-11-15 01:35 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
947
|
- |
|
-
|
-
|
Stack-buffer-overflow vulnerability in ReadyMedia (MiniDLNA) v1.3.3 allows attackers to cause a denial of service via via the SendContainer() function at tivo_commands.c.
|
-
|
CVE-2023-47430
|
2024-11-15 01:35 |
2024-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
948
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: ath10k: Fix memory leak in management tx
In the current logic, memory is allocated for storing the MSDU context
during mana…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-50236
|
2024-11-15 01:29 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
949
|
7.5 |
HIGH
Network
tiangolo
fastapiexpert
encode
|
fastapi
python-multipart
starlette
|
`python-multipart` is a streaming multipart parser for Python. When using form data, `python-multipart` uses a Regular Expression to parse the HTTP `Content-Type` header, including options. An attack…
|
CWE-1333
Inefficient Regular Expression Complexity
|
CVE-2024-24762
|
2024-11-15 01:25 |
2024-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
950
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fork: only invoke khugepaged, ksm hooks if no error
There is no reason to invoke these hooks early against an mm that is in an
in…
|
NVD-CWE-noinfo
|
CVE-2024-50263
|
2024-11-15 01:23 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
