|
312021
|
5.4 |
MEDIUM
Network
|
ngothang
|
wp_multitasking
|
The WP MultiTasking WordPress plugin through 0.1.12 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could…
|
CWE-79
Cross-site Scripting
|
CVE-2024-6859
|
2024-09-12 01:19 |
2024-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312022
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/msm/dp: do not complete dp_aux_cmd_fifo_tx() if irq is not for aux transfer
There are 3 possible interrupt sources are handle…
|
CWE-362
Race Condition
|
CVE-2022-48898
|
2024-09-12 01:19 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312023
|
9.8 |
CRITICAL
Network
|
themetechmount
|
truebooker
|
The TrueBooker WordPress plugin before 1.0.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a …
|
CWE-89
SQL Injection
|
CVE-2024-6924
|
2024-09-12 01:15 |
2024-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312024
|
4.3 |
MEDIUM
Network
|
themetechmount
|
truebooker
|
The TrueBooker WordPress plugin before 1.0.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.
|
CWE-352
Origin Validation Error
|
CVE-2024-6925
|
2024-09-12 01:12 |
2024-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312025
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
arm64/mm: fix incorrect file_map_count for invalid pmd
The page table check trigger BUG_ON() unexpectedly when split hugepage:
…
|
NVD-CWE-noinfo
|
CVE-2022-48897
|
2024-09-12 01:10 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312026
|
9.8 |
CRITICAL
Network
|
angeljudesuarez
|
tailoring_management_system
|
A vulnerability was found in itsourcecode Tailoring Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /inccatadd.php. The manipulation…
|
CWE-89
SQL Injection
|
CVE-2024-8570
|
2024-09-12 01:07 |
2024-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312027
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ixgbe: fix pci device refcount leak
As the comment of pci_get_domain_bus_and_slot() says, it
returns a PCI device with refcount i…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-48896
|
2024-09-12 01:06 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312028
|
5.3 |
MEDIUM
Network
|
erjemin
|
roll_cms
|
A vulnerability was found in erjemin roll_cms up to 1484fe2c4e0805946a7bcf46218509fcb34883a9. It has been classified as problematic. This affects an unknown part of the file roll_cms/roll_cms/views.p…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2024-8571
|
2024-09-12 01:05 |
2024-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312029
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
iommu/arm-smmu: Don't unregister on shutdown
Michael Walle says he noticed the following stack trace while performing
a shutdown …
|
CWE-476
NULL Pointer Dereference
|
CVE-2022-48895
|
2024-09-12 01:01 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312030
|
6.1 |
MEDIUM
Network
|
gouniverse
|
golang_cms
|
A vulnerability was found in Gouniverse GoLang CMS 1.4.0. It has been declared as problematic. This vulnerability affects the function PageRenderHtmlByAlias of the file FrontendHandler.go. The manipu…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8572
|
2024-09-12 00:59 |
2024-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
