|
313471
|
8.8 |
HIGH
Network
|
codection
|
clean_login
|
The Clean Login plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.14.5 via the 'template' attribute of the clean-login-register shortcode. This makes …
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2024-8252
|
2024-09-3 23:31 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313472
|
6.1 |
MEDIUM
Network
|
wpbookingcalendar
|
wp_booking_calendar
|
The WP Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via several parameters from 'timeline_obj' in all versions up to, and including, 10.5 due to insufficient …
|
CWE-79
Cross-site Scripting
|
CVE-2024-8274
|
2024-09-3 23:28 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313473
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
sched: Fix yet more sched_fork() races
Where commit 4ef0c5c6b5ba ("kernel/sched: Fix sched_fork() access an
invalid sched_task_gr…
|
NVD-CWE-noinfo
|
CVE-2022-48944
|
2024-09-3 23:26 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313474
|
9.8 |
CRITICAL
Network
|
openrapid
|
rapidcms
|
A vulnerability was found in OpenRapid RapidCMS up to 1.3.1. It has been classified as critical. This affects an unknown part of the file /admin/user/user-move-run.php. The manipulation of the argume…
|
CWE-89
SQL Injection
|
CVE-2024-8331
|
2024-09-3 23:25 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313475
|
9.8 |
CRITICAL
Network
|
master-nan
|
sweet-cms
|
A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. It has been declared as critical. This vulnerability affects unknown code of the file /table/index. T…
|
CWE-89
SQL Injection
|
CVE-2024-8332
|
2024-09-3 23:23 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313476
|
- |
|
-
|
-
|
A vulnerability classified as problematic was found in Grocy up to 4.2.0. This vulnerability affects unknown code of the file /api/files/recipepictures/ of the component SVG File Upload Handler. The …
|
CWE-79
Cross-site Scripting
|
CVE-2024-8370
|
2024-09-3 23:15 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313477
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: usb: qmi_wwan: fix memory leak for not ip packets
Free the unused skb when not ip packets arrive.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-43861
|
2024-09-3 22:45 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313478
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: wan: fsl_qmc_hdlc: Convert carrier_lock spinlock to a mutex
The carrier_lock spinlock protects the carrier detection. While …
|
CWE-667
Improper Locking
|
CVE-2024-43862
|
2024-09-3 22:44 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313479
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/vmwgfx: Fix a deadlock in dma buf fence polling
Introduce a version of the fence ops that on release doesn't remove
the fence…
|
CWE-667
Improper Locking
|
CVE-2024-43863
|
2024-09-3 22:42 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313480
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
devres: Fix memory leakage caused by driver API devm_free_percpu()
It will cause memory leakage when use driver API devm_free_per…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-43871
|
2024-09-3 22:39 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
