|
841
|
6.1 |
MEDIUM
Network
|
miraheze
|
createwiki
|
CreateWiki is an extension used at Miraheze for requesting & creating wikis. The name of requested wikis is not escaped on Special:RequestWikiQueue, so a user can insert arbitrary HTML that is displa…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-47781
|
2024-11-15 03:19 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
842
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-51689. Reason: This candidate is a reservation duplicate of CVE-2024-51689. Notes: All CVE users should reference …
Update
|
-
|
CVE-2024-10686
|
2024-11-15 03:15 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
843
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: fix crash when config small gso_max_size/gso_ipv4_max_size
Config a small gso_max_size/gso_ipv4_max_size will lead to an und…
Update
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2024-50258
|
2024-11-15 03:12 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
844
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: Fix use-after-free in get_info()
ip6table_nat module unload has refcnt warning for UAF. call trace is:
WARNING: CPU: …
Update
|
CWE-416
Use After Free
|
CVE-2024-50257
|
2024-11-15 03:11 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
845
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6()
I got a syzbot report without a repro [1] crashing in nf_send_…
Update
|
NVD-CWE-noinfo
|
CVE-2024-50256
|
2024-11-15 03:11 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
846
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs
Fix __hci_cmd_sync_sk() to return not NULL for unknown opcodes.
…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50255
|
2024-11-15 03:10 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
847
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Free dynamically allocated bits in bpf_iter_bits_destroy()
bpf_iter_bits_destroy() uses "kit->nr_bits <= 64" to check whethe…
Update
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-50254
|
2024-11-15 03:09 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
848
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Check the validity of nr_words in bpf_iter_bits_new()
Check the validity of nr_words in bpf_iter_bits_new(). Without this
ch…
Update
|
NVD-CWE-noinfo
|
CVE-2024-50253
|
2024-11-15 03:09 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
849
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mlxsw: spectrum_ipip: Fix memory leak when changing remote IPv6 address
The device stores IPv6 addresses that are used for encaps…
Update
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-50252
|
2024-11-15 03:08 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
850
|
6.5 |
MEDIUM
Network
|
lsquared
|
l_squared_hub
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in L Squared Support L Squared Hub WP allows SQL Injection.This issue affects L Squared Hub WP: from…
Update
|
CWE-89
SQL Injection
|
CVE-2024-51820
|
2024-11-15 03:03 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
