|
971
|
5.5 |
MEDIUM
Local
|
dell
|
data_lakehouse
|
Dell Data Lakehouse, version(s) 1.0.0.0 and 1.1.0.0, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. An unauthenticated attacker with…
Update
|
CWE-89
SQL Injection
|
CVE-2024-47483
|
2024-10-31 09:01 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
972
|
6.5 |
MEDIUM
Adjacent
|
dell
|
data_lakehouse
|
Dell Data Lakehouse, version(s) 1.0.0.0, 1.1.0., contain(s) an Improper Access Control vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerabi…
Update
|
NVD-CWE-Other
|
CVE-2024-47481
|
2024-10-31 09:01 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
973
|
5.4 |
MEDIUM
Network
|
butlerblog
|
wp-members
|
The WP-Members Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpmem_loginout shortcode in all versions up to, and including, 3.4.9.5 due to insuf…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-10374
|
2024-10-31 09:00 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
974
|
9.8 |
CRITICAL
Network
esafenet
|
cdg
|
A vulnerability classified as critical has been found in ESAFENET CDG 5. Affected is the function actionViewCDGRenewFile of the file /com/esafenet/servlet/client/CDGRenewApplicationService.java. The …
Update
|
CWE-89
SQL Injection
|
CVE-2024-10378
|
2024-10-31 08:58 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
975
|
6.5 |
MEDIUM
Local
|
-
|
-
|
A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may …
Update
|
CWE-457
Use of Uninitialized Variable
|
CVE-2024-9355
|
2024-10-31 08:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
976
|
0.0 |
NONE
Physics
|
-
|
-
|
Rejected reason: Red Hat Product Security has come to the conclusion that this CVE is not needed.
Update
|
-
|
CVE-2024-8421
|
2024-10-31 07:15 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
977
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: dsa: improve shutdown sequence
Alexander Sverdlin presents 2 problems during shutdown with the
lan9303 driver. One is specif…
Update
|
CWE-476
CWE-367
NULL Pointer Dereference
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2024-49998
|
2024-10-31 07:04 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
978
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: Fix error path in multi-packet WQE transmit
Remove the erroneous unmap in case no DMA mapping was established
The mult…
Update
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2024-50001
|
2024-10-31 06:59 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
979
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
static_call: Handle module init failure correctly in static_call_del_module()
Module insertion invokes static_call_add_module() t…
Update
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2024-50002
|
2024-10-31 06:57 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
980
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit()
Syzkaller reported BUG as follows:
BUG: sleeping f…
Update
|
NVD-CWE-noinfo
|
CVE-2022-49033
|
2024-10-31 06:50 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
