|
671
|
- |
|
-
|
-
|
A stored cross-site scripting (XSS) vulnerability in survey titles of REDCap 14.9.6 allows authenticated users to inject malicious scripts into the Survey Title field or Survey Instructions. When a u…
|
-
|
CVE-2024-56377
|
2025-01-10 08:15 |
2025-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
672
|
- |
|
-
|
-
|
A stored cross-site scripting (XSS) vulnerability in the built-in messenger of REDCap 14.9.6 allows authenticated users to inject malicious scripts into the message field. When a user click on the re…
|
-
|
CVE-2024-56376
|
2025-01-10 08:15 |
2025-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
673
|
8.8 |
HIGH
Network
|
-
|
-
|
A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Purview allows an authorized attacker to disclose information over a network.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2025-21385
|
2025-01-10 07:15 |
2025-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
674
|
- |
|
-
|
-
|
In FRRouting (FRR) before 10.3 from 6.0 onward, all routes are re-validated if the total size of an update received via RTR exceeds the internal socket's buffer size, default 4K on most OSes. An atta…
|
-
|
CVE-2024-55553
|
2025-01-10 07:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
675
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
quota: flush quota_release_work upon quota writeback
One of the paths quota writeback is called from is:
freeze_super()
sync_f…
|
NVD-CWE-noinfo
|
CVE-2024-56780
|
2025-01-10 06:50 |
2025-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
676
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check
The return value of drm_atomic_get_crtc_state() …
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2024-56778
|
2025-01-10 06:50 |
2025-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
677
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur
The action force umount(umount -f) will attempt to kill all rpc_ta…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-56779
|
2025-01-10 06:48 |
2025-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
678
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check
The return value of drm_atomic_get_crtc_state() ne…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2024-56777
|
2025-01-10 06:43 |
2025-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
679
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/sti: avoid potential dereference of error pointers
The return value of drm_atomic_get_crtc_state() needs to be
checked. To av…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2024-56776
|
2025-01-10 06:41 |
2025-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
680
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Fix handling of plane refcount
[Why]
The mechanism to backup and restore plane states doesn't maintain
refcount,…
|
CWE-415
CWE-401
Double Free
Missing Release of Memory after Effective Lifetime
|
CVE-2024-56775
|
2025-01-10 06:37 |
2025-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
