221
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
firmware: arm_scmi: Fix double free in OPTEE transport
Channels can be shared between protocols, avoid freeing the same channel
d…
New
|
CWE-415
Double Free
|
CVE-2024-49853
|
2024-10-24 01:14 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
222
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del()
The kref_put() function will call nport->release if the …
New
|
CWE-416
Use After Free
|
CVE-2024-49852
|
2024-10-24 01:14 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
223
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
crypto: stm32/cryp - call finalize with bh disabled
The finalize operation in interrupt mode produce a produces a spinlock
recurs…
Update
|
NVD-CWE-noinfo
|
CVE-2024-47658
|
2024-10-24 01:14 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
224
|
9.8 |
CRITICAL
Network
moridrin
|
ssv_events
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Moridrin SSV Events allows PHP Local File Inclusion.This issue affects SSV Events: from n/a through 3.2…
Update
|
CWE-22
Path Traversal
|
CVE-2024-49286
|
2024-10-24 01:13 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
225
|
5.4 |
MEDIUM
Network
|
mightyplugins
|
mighty_builder
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mighty Plugins Mighty Builder allows Stored XSS.This issue affects Mighty Builder: from n/…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-48049
|
2024-10-24 01:12 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
226
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX
[Why & How]
It actually exposes '6' types in enum dmu…
Update
|
CWE-129
Improper Validation of Array Index
|
CVE-2024-46871
|
2024-10-24 01:10 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
227
|
6.1 |
MEDIUM
Network
|
unizoewebsolutions
|
jlayer_parallax_slider
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Unizoe Web Solutions jLayer Parallax Slider allows Reflected XSS.This issue affects jLayer…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-49334
|
2024-10-24 01:08 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
228
|
6.1 |
MEDIUM
Network
|
sourav
|
all_in_one_slider
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sourav All in One Slider allows Reflected XSS.This issue affects All in One Slider: from n…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-49323
|
2024-10-24 01:05 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
229
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
tpm: Clean up TPM space after command failure
tpm_dev_transmit prepares the TPM space before attempting command
transmission. How…
New
|
CWE-459
Incomplete Cleanup
|
CVE-2024-49851
|
2024-10-24 01:00 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
230
|
5.3 |
MEDIUM
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to don't set SB_RDONLY in f2fs_handle_critical_error()
syzbot reports a f2fs bug as below:
------------[ cut here ]---…
New
|
CWE-362
Race Condition
|
CVE-2024-47689
|
2024-10-24 00:53 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|