|
312131
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: get rid of warning on transaction commit when using flushoncommit
When using the flushoncommit mount option, during almost…
|
CWE-667
Improper Locking
|
CVE-2022-48920
|
2024-09-12 22:04 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312132
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
sched/fair: Fix fault in reweight_entity
Syzbot found a GPF in reweight_entity. This has been bisected to
commit 4ef0c5c6b5ba ("k…
|
CWE-362
Race Condition
|
CVE-2022-48921
|
2024-09-12 21:58 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312133
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
riscv: fix oops caused by irqsoff latency tracer
The trace_hardirqs_{on,off}() require the caller to setup frame pointer
properly…
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-48922
|
2024-09-12 21:52 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312134
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: prevent copying too big compressed lzo segment
Compressed length can be corrupted to be a lot larger than memory
we have a…
|
CWE-787
Out-of-bounds Write
|
CVE-2022-48923
|
2024-09-12 21:50 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312135
|
7.2 |
HIGH
Network
|
lifterlms
|
lifterlms
|
The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to blind SQL Injection via the 'order' parameter in all versions up to, and including, 7.7.5 due to …
|
CWE-89
SQL Injection
|
CVE-2024-7349
|
2024-09-12 21:43 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312136
|
9.8 |
CRITICAL
Network
|
plechevandrey
|
wp-recall
|
The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to privilege escalation/account takeover in all versions up to, and including, 16.26.8. This is due to to plu…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-8292
|
2024-09-12 21:37 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312137
|
- |
|
-
|
-
|
A vulnerability was found in Shandong Star Measurement and Control Equipment Heating Network Wireless Monitoring System 5.6.2 and classified as critical. Affected by this issue is the function GetDat…
|
CWE-89
SQL Injection
|
CVE-2024-8705
|
2024-09-12 21:35 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312138
|
- |
|
-
|
-
|
A vulnerability, which was classified as problematic, was found in JFinalCMS up to 20240903. This affects the function update of the file /admin/template/update of the component com.cms.controller.ad…
|
CWE-22
Path Traversal
|
CVE-2024-8694
|
2024-09-12 21:35 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312139
|
- |
|
-
|
-
|
A vulnerability, which was classified as problematic, has been found in Kaon CG3000 1.01.43. Affected by this issue is some unknown functionality of the component dhcpcd Command Handler. The manipula…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8693
|
2024-09-12 21:35 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312140
|
- |
|
-
|
-
|
evilnapsis Inventio Lite Versions v4 and before is vulnerable to SQL Injection via the "username" parameter in "/?action=processlogin."
|
-
|
CVE-2024-44541
|
2024-09-12 21:35 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
