|
313431
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions prior to 17.1.6, 17.2 prior to 17.2.4, and 17.3 prior to 17.3.1. A denial of service could occur upon import…
|
NVD-CWE-noinfo
|
CVE-2024-8041
|
2024-09-12 01:54 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313432
|
6.4 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab EE affecting all versions starting 17.0 to 17.1.6, 17.2 prior to 17.2.4, and 17.3 prior to 17.3.1 allows an attacker to execute arbitrary command in a victim's pipel…
|
CWE-77
Command Injection
|
CVE-2024-7110
|
2024-09-12 01:52 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313433
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab CE/EE affecting all versions starting from 8.2 prior to 17.1.6 starting from 17.2 prior to 17.2.4, and starting from 17.3 prior to 17.3.1, which allows an attacker t…
|
NVD-CWE-noinfo
|
CVE-2024-6502
|
2024-09-12 01:49 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313434
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op()
In zynq_qspi_exec_mem_op(), kzalloc() is directly u…
|
CWE-476
NULL Pointer Dereference
|
CVE-2021-4441
|
2024-09-12 01:43 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313435
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix race between quota rescan and disable leading to NULL pointer deref
If we have one task trying to start the quota resc…
|
CWE-476
NULL Pointer Dereference
|
CVE-2023-52896
|
2024-09-12 01:37 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313436
|
5.4 |
MEDIUM
Network
|
share-this-image
|
share_this_image
|
The Share This Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's STI Buttons shortcode in all versions up to, and including, 2.02 due to insufficient input sani…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8363
|
2024-09-12 01:35 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313437
|
5.3 |
MEDIUM
Network
|
ivorysearch
|
ivory_search
|
The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 5.5.6 via the ajax_load_posts function. This makes it possi…
|
NVD-CWE-noinfo
|
CVE-2024-6835
|
2024-09-12 01:32 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313438
|
8.1 |
HIGH
Network
|
bitapps
|
file_manager
|
The Bit File Manager plugin for WordPress is vulnerable to Remote Code Execution in versions 6.0 to 6.5.5 via the 'checkSyntax' function. This is due to writing a temporary file to a publicly accessi…
|
CWE-362
Race Condition
|
CVE-2024-7627
|
2024-09-12 01:31 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313439
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
io_uring/poll: don't reissue in case of poll race on multishot request
A previous commit fixed a poll race that can occur, but it…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2023-52895
|
2024-09-12 01:31 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313440
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate()
In Google internal bug 265639009 we've received an (as yet) unr…
|
CWE-476
NULL Pointer Dereference
|
CVE-2023-52894
|
2024-09-12 01:27 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
