|
1901
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Delicate theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' parameter within the theme's Button shortcode in all versions up to, and including, 3.5.5 due to insuffici…
|
-
|
CVE-2024-5867
|
2024-09-14 01:37 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1902
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Triton Lite theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' attribute within the theme's Button shortcode in all versions up to, and including, 1.3 due to insuffici…
|
CWE-79
Cross-site Scripting
|
CVE-2024-5789
|
2024-09-14 01:37 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1903
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
perf/aux: Fix AUX buffer serialization
Ole reported that event->mmap_mutex is strictly insufficient to
serialize the AUX buffer, …
|
-
|
CVE-2024-46713
|
2024-09-14 01:37 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1904
|
7.2 |
HIGH
Network
|
-
|
-
|
The WP Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the 'current_theme_root' parameter in versions up to, and including 1.2.9. This makes it possible for authen…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2022-2446
|
2024-09-14 01:37 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1905
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
memcg_write_event_control(): fix a user-triggerable oops
we are *not* guaranteed that anything past the terminating NUL
is mapped…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-45021
|
2024-09-14 01:36 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1906
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: Take state lock during tx timeout reporter
mlx5e_safe_reopen_channels() requires the state lock taken. The
referenced …
|
CWE-667
Improper Locking
|
CVE-2024-45019
|
2024-09-14 01:36 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1907
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: flowtable: initialise extack before use
Fix missing initialisation of extack in flow offload.
|
CWE-665
Improper Initialization
|
CVE-2024-45018
|
2024-09-14 01:36 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1908
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0
The __vmap_pages_range_noflush() assume…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-45022
|
2024-09-14 01:36 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1909
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix a kernel verifier crash in stacksafe()
Daniel Hodges reported a kernel verifier crash when playing with sched-ext.
Furth…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-45020
|
2024-09-14 01:36 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1910
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netem: fix return value if duplicate enqueue fails
There is a bug in netem_enqueue() introduced by
commit 5845f706388a ("net: net…
|
CWE-416
Use After Free
|
CVE-2024-45016
|
2024-09-14 01:36 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
