|
311501
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/vmwgfx: Prevent unmapping active read buffers
The kms paths keep a persistent map active to read and compare the cursor
buffe…
|
NVD-CWE-noinfo
|
CVE-2024-46710
|
2024-10-17 23:15 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311502
|
4.4 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
selinux,smack: don't bypass permissions check in inode_setsecctx hook
Marek Gresko reports that the root user on an NFS client is…
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-46695
|
2024-10-17 23:15 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311503
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ALSA: usb-audio: Fix possible NULL pointer dereference in snd_usb_pcm_has_fixed_rate()
The subs function argument may be NULL, so…
|
CWE-476
NULL Pointer Dereference
|
CVE-2023-52904
|
2024-10-17 23:15 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311504
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: Always drain health in shutdown callback
There is no point in recovery during device shutdown. if health
work started n…
|
-
|
CVE-2024-43866
|
2024-10-17 23:15 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311505
|
6.1 |
MEDIUM
Network
|
phpoffice
|
phpspreadsheet
|
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. One of the sample scripts in PhpSpreadsheet is susceptible to a cross-site scripting (XSS) vulnerability due to imprope…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45060
|
2024-10-17 23:14 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311506
|
5.5 |
MEDIUM
Local
|
fortra
|
robot_schedule
|
Fortra's Robot Schedule Enterprise Agent prior to version 3.05 writes FTP username and password information to the agent log file when detailed logging is enabled.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-8264
|
2024-10-17 23:06 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311507
|
2.7 |
LOW
Network
|
mattermost
|
mattermost_server
|
Mattermost versions 9.5.x <= 9.5.7, 9.10.x <= 9.10.0 fail to properly enforce permissions which allows a team admin user without "Add Team Members" permission to disable the invite URL.
|
NVD-CWE-noinfo
|
CVE-2024-40884
|
2024-10-17 23:05 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311508
|
9.8 |
CRITICAL
Network
|
online_health_care_system_project
|
online_health_care_system
|
A vulnerability classified as critical has been found in SourceCodester Online Health Care System 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument f_name …
|
CWE-89
SQL Injection
|
CVE-2024-8080
|
2024-10-17 23:04 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311509
|
6.5 |
MEDIUM
Network
|
ampache
|
ampache
|
ampache is a web based audio/video streaming application and file manager. A CSRF attack can be performed in order to delete objects (Playlist, smartlist etc.). Cross-Site Request Forgery (CSRF) is a…
|
CWE-352
Origin Validation Error
|
CVE-2024-47828
|
2024-10-17 22:55 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311510
|
4.3 |
MEDIUM
Network
|
enalean
|
tuleap
|
Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.113, Tuleap Enterprise Edition 15.13-5, and Tuleap Enterprise Edition 1…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2024-47767
|
2024-10-17 22:50 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
