|
811
|
- |
|
-
|
-
|
lunasvg v3.0.1 was discovered to contain a segmentation violation via the component gray_find_cell
|
-
|
CVE-2024-55456
|
2025-02-5 01:15 |
2025-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
812
|
5.4 |
MEDIUM
Network
|
motopress
|
stratum
|
The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Hotspot widget in all versions up to, and including, 1.4.7 due to insufficient…
|
CWE-79
Cross-site Scripting
|
CVE-2024-13642
|
2025-02-5 01:00 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
813
|
6.1 |
MEDIUM
Network
|
metagauss
|
registrationmagic
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss User Registration Forms RegistrationMagic allows Reflected XSS. This issue affects Regi…
|
CWE-79
Cross-site Scripting
|
CVE-2025-24686
|
2025-02-5 00:51 |
2025-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
814
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
vsock/virtio: discard packets if the transport changes
If the socket has been de-assigned or assigned to another transport,
we mu…
|
CWE-476
NULL Pointer Dereference
|
CVE-2025-21669
|
2025-02-5 00:38 |
2025-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
815
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
vsock/bpf: return early if transport is not assigned
Some of the core functions can only be called if the transport
has been assi…
|
CWE-476
NULL Pointer Dereference
|
CVE-2025-21670
|
2025-02-5 00:37 |
2025-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
816
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
zram: fix potential UAF of zram table
If zram_meta_alloc failed early, it frees allocated zram->table without
setting it NULL. W…
|
CWE-416
Use After Free
|
CVE-2025-21671
|
2025-02-5 00:36 |
2025-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
817
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix double free of TCP_Server_Info::hostname
When shutting down the server in cifs_put_tcp_session(), cifsd thread
m…
|
CWE-415
Double Free
|
CVE-2025-21673
|
2025-02-5 00:33 |
2025-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
818
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel
Attempt to enable IPsec packet offload in tunnel mode in …
|
CWE-667
Improper Locking
|
CVE-2025-21674
|
2025-02-5 00:31 |
2025-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
819
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: Clear port select structure when fail to create
Clear the port select structure on error so no stale values left after
…
|
CWE-476
NULL Pointer Dereference
|
CVE-2025-21675
|
2025-02-5 00:30 |
2025-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
820
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: fec: handle page_pool_dev_alloc_pages error
The fec_enet_update_cbd function calls page_pool_dev_alloc_pages but did
not han…
|
CWE-476
NULL Pointer Dereference
|
CVE-2025-21676
|
2025-02-5 00:29 |
2025-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
