|
441
|
7.5 |
HIGH
Network
level1
|
wbr-6012_firmware
|
A denial of service vulnerability exists in the Web Application functionality of LevelOne WBR-6012 R0.40e6. A specially crafted HTTP request can lead to a reboot. An attacker can send an HTTP request…
Update
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2024-33623
|
2024-11-14 03:43 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
442
|
7.5 |
HIGH
Network
opensourcelabs
|
skyscraper
|
SkyScrape is a GUI Dashboard for AWS Infrastructure and Managing Resources and Usage Costs. SkyScrape's API requests are currently unsecured HTTP requests, leading to potential vulnerabilities for t…
Update
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2024-37163
|
2024-11-14 03:42 |
2024-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
443
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
thunderbolt: Fix KASAN reported stack out-of-bounds read in tb_retimer_scan()
KASAN reported following issue:
BUG: KASAN: stack…
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2024-50227
|
2024-11-14 03:39 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
444
|
5.3 |
MEDIUM
Network
level1
|
wbr-6012_firmware
|
The LevelOne WBR-6012 router has an information disclosure vulnerability in its web application, which allows unauthenticated users to access a verbose system log page and obtain sensitive data, such…
Update
|
NVD-CWE-noinfo
|
CVE-2024-33603
|
2024-11-14 03:39 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
445
|
5.9 |
MEDIUM
Network
|
level1
|
wbr-6012_firmware
|
A vulnerability in the LevelOne WBR-6012 router's firmware version R0.40e6 allows sensitive information to be transmitted in cleartext via Web and FTP services, exposing it to network sniffing attack…
Update
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2024-32946
|
2024-11-14 03:39 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
446
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mm: shmem: fix data-race in shmem_getattr()
I got the following KCSAN report during syzbot testing:
============================…
Update
|
CWE-362
Race Condition
|
CVE-2024-50228
|
2024-11-14 03:38 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
447
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: fix potential deadlock with newly created symlinks
Syzbot reported that page_symlink(), called by nilfs_symlink(), trigge…
Update
|
CWE-667
Improper Locking
|
CVE-2024-50229
|
2024-11-14 03:35 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
448
|
- |
|
-
|
-
|
vditor v.3.9.8 and before is vulnerable to Arbitrary file read via a crafted data packet.
Update
|
-
|
CVE-2024-39150
|
2024-11-14 03:35 |
2024-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
449
|
- |
|
-
|
-
|
A SQL injection vulnerability in /model/get_events.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the event_id parameter.
Update
|
-
|
CVE-2024-33403
|
2024-11-14 03:35 |
2024-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
450
|
3.7 |
LOW
Network
|
-
|
-
|
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java…
Update
|
-
|
CVE-2024-21012
|
2024-11-14 03:35 |
2024-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
