|
41
|
- |
|
-
|
-
|
A stored cross-site scripting (XSS) vulnerability in survey titles of REDCap 14.9.6 allows authenticated users to inject malicious scripts into the Survey Title field or Survey Instructions. When a u…
New
|
-
|
CVE-2024-56377
|
2025-01-10 08:15 |
2025-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
42
|
- |
|
-
|
-
|
A stored cross-site scripting (XSS) vulnerability in the built-in messenger of REDCap 14.9.6 allows authenticated users to inject malicious scripts into the message field. When a user click on the re…
New
|
-
|
CVE-2024-56376
|
2025-01-10 08:15 |
2025-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
43
|
8.8 |
HIGH
Network
|
-
|
-
|
A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Purview allows an authorized attacker to disclose information over a network.
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2025-21385
|
2025-01-10 07:15 |
2025-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
44
|
- |
|
-
|
-
|
In PRIMX ZED Enterprise up to 2024.3, technical files stored in local folders with common user access can be manipulated to render the host computer unavailable or to execute programs with an elevati…
New
|
-
|
CVE-2024-46464
|
2025-01-10 07:15 |
2025-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
45
|
- |
|
-
|
-
|
An issue was discovered in Opsview Monitor Agent 6.8. An unauthenticated remote attacker can call check_nrpe against affected targets, specifying known NRPE plugins, which in default installations ar…
New
|
-
|
CVE-2023-28354
|
2025-01-10 07:15 |
2025-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
46
|
- |
|
-
|
-
|
In FRRouting (FRR) before 10.3 from 6.0 onward, all routes are re-validated if the total size of an update received via RTR exceeds the internal socket's buffer size, default 4K on most OSes. An atta…
Update
|
-
|
CVE-2024-55553
|
2025-01-10 07:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
47
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
quota: flush quota_release_work upon quota writeback
One of the paths quota writeback is called from is:
freeze_super()
sync_f…
New
|
NVD-CWE-noinfo
|
CVE-2024-56780
|
2025-01-10 06:50 |
2025-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
48
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check
The return value of drm_atomic_get_crtc_state() …
New
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2024-56778
|
2025-01-10 06:50 |
2025-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
49
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur
The action force umount(umount -f) will attempt to kill all rpc_ta…
New
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-56779
|
2025-01-10 06:48 |
2025-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
50
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/sti: avoid potential dereference of error pointers in sti_gdp_atomic_check
The return value of drm_atomic_get_crtc_state() ne…
New
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2024-56777
|
2025-01-10 06:43 |
2025-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
