|
313281
|
- |
|
-
|
-
|
An issue was discovered in Qt before 6.2.11 and 6.3.x through 6.6.x before 6.6.1. When a QML image refers to an image whose content is not known yet, there is an assumption that it is an SVG document…
|
-
|
CVE-2023-45872
|
2024-11-13 06:35 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313282
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: test for not too small csum_start in virtio_net_hdr_to_skb()
syzbot was able to trigger this warning [1], after injecting a
…
|
NVD-CWE-noinfo
|
CVE-2024-49947
|
2024-11-13 06:25 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313283
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: add more sanity checks to qdisc_pkt_len_init()
One path takes care of SKB_GSO_DODGY, assuming
skb->len is bigger than hdr_le…
|
NVD-CWE-noinfo
|
CVE-2024-49948
|
2024-11-13 06:19 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313284
|
7.5 |
HIGH
Network
|
-
|
-
|
A flaw was found in Gateway. Sending a non-base64 'basic' auth with special characters can cause APICast to incorrectly authenticate a request. A malformed basic authentication header containing spec…
|
CWE-863
Incorrect Authorization
|
CVE-2024-10295
|
2024-11-13 06:15 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313285
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: MGMT: Fix possible crash on mgmt_index_removed
If mgmt_index_removed is called while there are commands queued on
cmd_…
|
NVD-CWE-noinfo
|
CVE-2024-49951
|
2024-11-13 06:06 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313286
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: avoid potential underflow in qdisc_pkt_len_init() with UFO
After commit 7c6d2ecbda83 ("net: be more gentle about silly gso
r…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-49949
|
2024-11-13 06:03 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313287
|
9.8 |
CRITICAL
Network
|
eyecix
|
jobsearch_wp_job_board
|
Missing Authorization vulnerability in eyecix JobSearch allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JobSearch: from n/a through 2.5.4.
|
CWE-862
Missing Authorization
|
CVE-2024-43929
|
2024-11-13 05:49 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313288
|
8.8 |
HIGH
Network
|
eyecix
|
jobsearch_wp_job_board
|
Missing Authorization vulnerability in eyecix JobSearch allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JobSearch: from n/a through 2.5.4.
|
CWE-862
Missing Authorization
|
CVE-2024-43928
|
2024-11-13 05:49 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313289
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
RDMA/mad: Improve handling of timed out WRs of mad agent
Current timeout handler of mad agent acquires/releases mad_agent_priv
lo…
|
NVD-CWE-noinfo
|
CVE-2024-50095
|
2024-11-13 05:26 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313290
|
7.5 |
HIGH
Network
|
dena
|
h2o
|
h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. When an HTTP request using TLS/1.3 early data on top of TCP Fast Open or QUIC 0-RTT packets is received and the IP-address-based ac…
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2024-45397
|
2024-11-13 05:14 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
