|
2601
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
scsi: libfc: Fix array index out of bound exception
Fix array index out of bound exception in fc_rport_prli_resp().
|
-
|
CVE-2021-47308
|
2024-11-9 07:35 |
2024-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2602
|
- |
|
-
|
-
|
In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges needed
|
-
|
CVE-2023-52344
|
2024-11-9 07:35 |
2024-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2603
|
- |
|
-
|
-
|
In Apache Linkis <=1.4.0, The password is printed to the log when using the Oracle data source of the Linkis data source module.
We recommend users upgrade the version of Linkis to version 1.5.0
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2023-50740
|
2024-11-9 07:35 |
2024-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2604
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv()
Apply the same fix than ones found in :
8d975c15c0cd ("ip6_tun…
|
NVD-CWE-noinfo
|
CVE-2024-26882
|
2024-11-9 07:35 |
2024-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2605
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
md: Don't suspend the array for interrupted reshape
md_start_sync() will suspend the array if there are spares that can be
added …
|
-
|
CVE-2024-26755
|
2024-11-9 07:35 |
2024-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2606
|
- |
|
-
|
-
|
An authorized RCE vulnerability exists in the DrayTek Vigor2960 router version 1.4.4, where an attacker can place a malicious command into the table parameter of the doPPPoE function in the cgi-bin/m…
|
-
|
CVE-2024-48074
|
2024-11-9 07:15 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2607
|
7.8 |
HIGH
Local
|
microsoft
|
visual_studio_code
|
Visual Studio Code for Linux Remote Code Execution Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-43601
|
2024-11-9 07:15 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2608
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
md/raid10: fix null ptr dereference in raid10_size()
In raid10_run() if raid10_set_queue_limits() succeed, the return value
is se…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50109
|
2024-11-9 06:30 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2609
|
8.8 |
HIGH
Network
|
truepush
|
truepush
|
Missing Authorization vulnerability in Truepush allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Truepush: from n/a through 1.0.8.
|
CWE-862
Missing Authorization
|
CVE-2024-44021
|
2024-11-9 06:30 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2610
|
6.5 |
MEDIUM
Network
|
eclipse
|
jetty
|
Jetty PushSessionCacheFilter can be exploited by unauthenticated users
to launch remote DoS attacks by exhausting the server’s memory.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-6762
|
2024-11-9 06:29 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
