|
791
|
6.1 |
MEDIUM
Network
|
jgniecki
|
minecraft_motd_parser
|
Minecraft MOTD Parser is a PHP library to parse minecraft server motd. The HtmlGenerator class is subject to potential cross-site scripting (XSS) attack through a parsed malformed Minecraft server MO…
Update
|
CWE-79
CWE-80
Cross-site Scripting
Basic XSS
|
CVE-2024-47765
|
2024-11-13 23:48 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
792
|
9.8 |
CRITICAL
Network
mudler
|
localai
|
mudler/LocalAI version 2.17.1 allows for arbitrary file write due to improper handling of automatic archive extraction. When model configurations specify additional files as archives (e.g., .tar), th…
Update
|
NVD-CWE-noinfo
|
CVE-2024-6868
|
2024-11-13 23:43 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
793
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug
Attaching SST PCI device to VM causes "BUG: KASAN: slab-out-of-bo…
Update
|
NVD-CWE-noinfo
|
CVE-2024-49886
|
2024-11-13 23:39 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
794
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mm, slub: avoid zeroing kmalloc redzone
Since commit 946fa0dbf2d8 ("mm/slub: extend redzone check to extra
allocated kmalloc spac…
Update
|
NVD-CWE-noinfo
|
CVE-2024-49885
|
2024-11-13 23:36 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
795
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
resource: fix region_intersects() vs add_memory_driver_managed()
On a system with CXL memory, the resource tree (/proc/iomem) rel…
Update
|
NVD-CWE-noinfo
|
CVE-2024-49878
|
2024-11-13 23:32 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
796
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mm/gup: fix memfd_pin_folios alloc race panic
If memfd_pin_folios tries to create a hugetlb page, but someone else
already did, t…
Update
|
CWE-362
Race Condition
|
CVE-2024-49872
|
2024-11-13 23:26 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
797
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
rxrpc: Fix a race between socket set up and I/O thread creation
In rxrpc_open_socket(), it sets up the socket and then sets up th…
Update
|
CWE-362
Race Condition
|
CVE-2024-49864
|
2024-11-13 23:23 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
798
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: btintel_pcie: Allocate memory for driver private data
Fix driver not allocating memory for struct btintel_data which i…
Update
|
NVD-CWE-noinfo
|
CVE-2024-46869
|
2024-11-13 23:15 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
799
|
9.8 |
CRITICAL
Network
micahblu
|
rsvp_me
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Micah Blu RSVP ME allows SQL Injection.This issue affects RSVP ME: from n/a through 1.9.9.
Update
|
CWE-89
SQL Injection
|
CVE-2024-50491
|
2024-11-13 23:00 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
800
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
jfs: check if leafidx greater than num leaves per dmap tree
syzbot report a out of bounds in dbSplit, it because dmt_leafidx grea…
Update
|
NVD-CWE-noinfo
|
CVE-2024-49902
|
2024-11-13 22:47 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
