81
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
USB: usbtmc: prevent kernel-usb-infoleak
The syzbot reported a kernel-usb-infoleak in usbtmc_write,
we need to clear the structur…
Update
|
NVD-CWE-noinfo
|
CVE-2024-47671
|
2024-10-24 04:36 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
82
|
9.8 |
CRITICAL
Network
apache
|
apache-airflow-providers-apache-hive
|
Improper Input Validation vulnerability in the Apache Airflow Hive Provider.
This issue affects Apache Airflow Hive Provider versions before 5.1.3.
Update
|
CWE-20
Improper Input Validation
|
CVE-2023-25696
|
2024-10-24 04:35 |
2023-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
83
|
6.5 |
MEDIUM
Network
|
debian redhat fedoraproject w1.fi
|
debian_linux enterprise_linux fedora wpa_supplicant
|
The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during P…
Update
|
CWE-287
Improper Authentication
|
CVE-2023-52160
|
2024-10-24 04:34 |
2024-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
84
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ocfs2: add bounds checking to ocfs2_xattr_find_entry()
Add a paranoia check to make sure it doesn't stray beyond valid memory
reg…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-47670
|
2024-10-24 04:16 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
85
|
- |
|
-
|
-
|
The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted Gradle project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due…
New
|
-
|
CVE-2024-48964
|
2024-10-24 04:15 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
86
|
- |
|
-
|
-
|
The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted PHP project. The vulnerability can be triggered if Snyk test is run inside the untrusted project due to…
New
|
-
|
CVE-2024-48963
|
2024-10-24 04:15 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
87
|
- |
|
-
|
-
|
A vulnerability classified as critical was found in PHPGurukul Medical Card Generation System 1.0. This vulnerability affects unknown code of the file /admin/view-card-detail.php of the component Man…
New
|
CWE-89
SQL Injection
|
CVE-2024-10299
|
2024-10-24 04:15 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
88
|
- |
|
-
|
-
|
A vulnerability classified as critical has been found in PHPGurukul Medical Card Generation System 1.0. This affects an unknown part of the file /admin/edit-card-detail.php of the component Managecar…
New
|
CWE-89
SQL Injection
|
CVE-2024-10298
|
2024-10-24 04:15 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
89
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Update
|
CWE-449
The UI Performs the Wrong Action
|
CVE-2024-43577
|
2024-10-24 04:15 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
90
|
7.3 |
HIGH
Network
djangoproject
|
django
|
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. QuerySet.values() and values_list() methods on models with a JSONField are subject to SQL injection in column aliases via a c…
Update
|
CWE-89
SQL Injection
|
CVE-2024-42005
|
2024-10-24 03:22 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|