|
313091
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages
Avoid memory corruption while setting up Level-2 PBL pages for the non…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-50208
|
2024-11-20 01:23 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313092
|
9.8 |
CRITICAL
Network
|
matthewmueller
|
dom-iterator
|
All versions of the package dom-iterator are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body …
|
CWE-94
Code Injection
|
CVE-2024-21541
|
2024-11-20 01:20 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313093
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ring-buffer: Fix reader locking when changing the sub buffer order
The function ring_buffer_subbuf_order_set() updates each
ring_…
|
CWE-667
Improper Locking
|
CVE-2024-50207
|
2024-11-20 01:18 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313094
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fs: don't try and remove empty rbtree node
When copying a namespace we won't have added the new copy into the
namespace rbtree un…
|
NVD-CWE-noinfo
|
CVE-2024-50204
|
2024-11-20 01:17 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313095
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf, arm64: Fix address emission with tag-based KASAN enabled
When BPF_TRAMP_F_CALL_ORIG is enabled, the address of a bpf_tramp_i…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-50203
|
2024-11-20 01:16 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313096
|
- |
|
-
|
-
|
Cachi2 is a command-line interface tool that pre-fetches a project's dependencies to aid in making the project's build process network-isolated. Prior to version 0.14.0, secrets may be shown in logs …
|
CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
|
CVE-2024-52582
|
2024-11-20 01:15 |
2024-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313097
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nilfs2: propagate directory read errors from nilfs_find_entry()
Syzbot reported that a task hang occurs in vcs_open() during a fu…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2024-50202
|
2024-11-20 01:12 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313098
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/radeon: Fix encoder->possible_clones
Include the encoder itself in its possible_clones bitmask.
In the past nothing validated…
|
NVD-CWE-noinfo
|
CVE-2024-50201
|
2024-11-20 01:08 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313099
|
4.8 |
MEDIUM
Network
|
open-emr
|
openemr
|
A stored cross-site scripting (XSS) vulnerability exists in openemr/openemr version 7.0.1. An attacker can inject malicious payloads into the 'inputBody' field in the Secure Messaging feature, which …
|
CWE-79
Cross-site Scripting
|
CVE-2024-0875
|
2024-11-20 01:03 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313100
|
7.5 |
HIGH
Network
|
schneider-electric
|
powerlogic_pm5341_firmware
powerlogic_pm5340_firmware
powerlogic_pm5320_firmware
|
CWE-400: An Uncontrolled Resource Consumption vulnerability exists that could cause the device to become
unresponsive resulting in communication loss when a large amount of IGMP packets is present in…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-9409
|
2024-11-20 00:59 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
