141
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (adc128d818) Fix underflows seen when writing limit attributes
DIV_ROUND_CLOSEST() after kstrtol() results in an underflow…
Update
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2024-46759
|
2024-09-24 01:28 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
142
|
4.3 |
MEDIUM
Network
|
microsoft
|
sql_2016_azure_connect_feature_pack sql_server_2017 sql_server_2019 sql_server_2022 sql_server_2016
|
Microsoft SQL Server Native Scoring Information Disclosure Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-37342
|
2024-09-24 01:28 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
143
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: rtw88: usb: schedule rx work after everything is set up
Right now it's possible to hit NULL pointer dereference in
rtw_rx_f…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46760
|
2024-09-24 01:18 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
144
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: ethernet: ti: am65-cpsw: Fix NULL dereference on XDP_TX
If number of TX queues are set to 1 we get a NULL pointer
dereferenc…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46799
|
2024-09-24 01:17 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
145
|
- |
|
-
|
-
|
Oveleon Cookie Bar is a cookie bar is for the Contao Open Source CMS and allows a visitor to define cookie & privacy settings for the website. Prior to versions 1.16.3 and 2.1.3, the `block/locale` e…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-47069
|
2024-09-24 01:15 |
2024-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
146
|
- |
|
-
|
-
|
Rollup is a module bundler for JavaScript. Versions prior to 3.29.5 and 4.22.4 are susceptible to a DOM Clobbering vulnerability when bundling scripts with properties from `import.meta` (e.g., `impor…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-47068
|
2024-09-24 01:15 |
2024-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
147
|
- |
|
-
|
-
|
Lobe Chat is an open-source artificial intelligence chat framework. Prior to version 1.19.13, server-side request forgery protection implemented in `src/app/api/proxy/route.ts` does not consider redi…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2024-47066
|
2024-09-24 01:15 |
2024-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
148
|
- |
|
-
|
-
|
DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, an attacker can achieve remote command execution by adding a carefully constructed h2 data source connection stri…
New
|
CWE-74
Injection
|
CVE-2024-46997
|
2024-09-24 01:15 |
2024-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
149
|
- |
|
-
|
-
|
DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, there is an XML external entity injection vulnerability in the static resource upload interface of DataEase. An a…
New
|
CWE-611
XXE
|
CVE-2024-46985
|
2024-09-24 01:15 |
2024-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
150
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ice: move netif_queue_set_napi to rtnl-protected sections
Currently, netif_queue_set_napi() is called from ice_vsi_rebuild() that…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-46766
|
2024-09-24 01:15 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|