|
531
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: propagate directory read errors from nilfs_find_entry()
Syzbot reported that a task hang occurs in vcs_open() during a fu…
Update
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2024-50202
|
2024-11-20 01:12 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
532
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/radeon: Fix encoder->possible_clones
Include the encoder itself in its possible_clones bitmask.
In the past nothing validated…
Update
|
NVD-CWE-noinfo
|
CVE-2024-50201
|
2024-11-20 01:08 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
533
|
7.2 |
HIGH
Network
|
tenable
|
security_center
|
A command injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify Logging parameters, which could lead to…
Update
|
CWE-78
OS Command
|
CVE-2024-1367
|
2024-11-20 01:06 |
2024-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
534
|
4.8 |
MEDIUM
Network
|
tenable
|
security_center
|
An HTML injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify Repository parameters, which could lead t…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-1471
|
2024-11-20 01:05 |
2024-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
535
|
4.8 |
MEDIUM
Network
|
open-emr
|
openemr
|
A stored cross-site scripting (XSS) vulnerability exists in openemr/openemr version 7.0.1. An attacker can inject malicious payloads into the 'inputBody' field in the Secure Messaging feature, which …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-0875
|
2024-11-20 01:03 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
536
|
7.5 |
HIGH
Network
schneider-electric
|
powerlogic_pm5341_firmware
powerlogic_pm5340_firmware
powerlogic_pm5320_firmware
|
CWE-400: An Uncontrolled Resource Consumption vulnerability exists that could cause the device to become
unresponsive resulting in communication loss when a large amount of IGMP packets is present in…
Update
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-9409
|
2024-11-20 00:59 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
537
|
4.8 |
MEDIUM
Network
|
vektor-inc
|
vk_all_in_one_expansion_unit
|
Cross-site scripting vulnerability exists in VK All in One Expansion Unit versions prior to 9.100.1.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of th…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-52268
|
2024-11-20 00:57 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
538
|
4.8 |
MEDIUM
Network
|
pimcore
|
pimcore
|
A stored Cross-site Scripting (XSS) vulnerability exists in the Conditions tab of Pricing Rules in pimcore/pimcore versions 10.5.19. The vulnerability is present in the From and To fields of the Date…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2023-2332
|
2024-11-20 00:55 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
539
|
5.4 |
MEDIUM
Network
|
royal-elementor-addons
|
royal_elementor_addons
|
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 1.7.1001 due to insu…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9668
|
2024-11-20 00:55 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
540
|
5.5 |
MEDIUM
Local
|
gpac
|
gpac
|
A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gf_filterpacket_del function in filter_core/filter.c at line 38. This vulnerability can lead to a double-…
Update
|
CWE-416
Use After Free
|
CVE-2023-4679
|
2024-11-20 00:54 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
