251
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate()
The psc->div[] array has psc->num_div elements. These values come from…
New
|
CWE-193
Off-by-one Error
|
CVE-2024-47686
|
2024-10-24 00:34 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
252
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc()
If we need to increase the tree depth, allocate a new node, and…
Update
|
CWE-362
Race Condition
|
CVE-2024-47668
|
2024-10-24 00:30 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
253
|
9.6 |
CRITICAL
Network
|
mintplexlabs
|
anythingllm_desktop anythingllm_webapp
|
A Cross-Site Scripting (XSS) vulnerability exists in mintplex-labs/anything-llm, affecting both the desktop application version 1.2.0 and the latest version of the web application. The vulnerability …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-3166
|
2024-10-24 00:25 |
2024-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
254
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
vdpa/mlx5: Fix invalid mr resource destroy
Certain error paths from mlx5_vdpa_dev_add() can end up releasing mr
resources which n…
New
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-47687
|
2024-10-24 00:22 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
255
|
9.1 |
CRITICAL
Network
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put()
syzbot reported that nf_reject_ip6_tcphdr_put() was possibly sending
ga…
New
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-47685
|
2024-10-24 00:19 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
256
|
- |
|
-
|
-
|
Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database (…
New
|
-
|
CVE-2024-5764
|
2024-10-24 00:15 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257
|
- |
|
-
|
-
|
Authentication Bypass Using an Alternate Path or Channel vulnerability in Vitalii Bryl iBryl Switch User allows Authentication Bypass.This issue affects iBryl Switch User: from n/a through 1.0.1.
New
|
-
|
CVE-2024-49675
|
2024-10-24 00:15 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258
|
- |
|
-
|
-
|
Pimcore is an open source data and experience management platform. When a PortalUserObject is connected to a PimcoreUser and "Use Pimcore Backend Password" is set to true, the change password functio…
New
|
CWE-256
Plaintext Storage of a Password
|
CVE-2024-49370
|
2024-10-24 00:15 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259
|
7.8 |
HIGH
Local
|
-
|
-
|
A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which…
New
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2024-47904
|
2024-10-24 00:15 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260
|
5.8 |
MEDIUM
Network
-
|
-
|
A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber (All versions < V7.2.12 only if the IP interface is enabled (which…
New
|
CWE-250
Execution with Unnecessary Privileges
|
CVE-2024-47903
|
2024-10-24 00:15 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|