|
251981
|
9.8 |
CRITICAL
Network
|
teamplus
|
team\+_pro
|
The Team+ from TEAMPLUS TECHNOLOGY does not properly validate specific page parameter, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify and delete database c…
|
CWE-89
SQL Injection
|
CVE-2024-9921
|
2024-10-24 22:19 |
2024-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251982
|
6.1 |
MEDIUM
Network
|
ujangrohidin
|
localserver
|
Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through …
|
CWE-79
Cross-site Scripting
|
CVE-2024-10286
|
2024-10-24 13:08 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251983
|
6.1 |
MEDIUM
Network
|
ujangrohidin
|
localserver
|
Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through …
|
CWE-79
Cross-site Scripting
|
CVE-2024-10289
|
2024-10-24 13:07 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251984
|
6.1 |
MEDIUM
Network
|
ujangrohidin
|
localserver
|
Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through …
|
CWE-79
Cross-site Scripting
|
CVE-2024-10288
|
2024-10-24 13:07 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251985
|
6.1 |
MEDIUM
Network
|
ujangrohidin
|
localserver
|
Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through …
|
CWE-79
Cross-site Scripting
|
CVE-2024-10287
|
2024-10-24 13:07 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251986
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
media: pci: cx23885: check cx23885_vdev_init() return
cx23885_vdev_init() can return a NULL pointer, but that pointer
is used in …
|
CWE-476
NULL Pointer Dereference
|
CVE-2023-52918
|
2024-10-24 12:55 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251987
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nfc: nci: fix possible NULL pointer dereference in send_acknowledge()
Handle memory allocation failure from nci_skb_alloc() (call…
|
CWE-476
NULL Pointer Dereference
|
CVE-2023-52919
|
2024-10-24 12:53 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251988
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
can: m_can: pci: add missing m_can_class_free_dev() in probe/remove methods
In m_can_pci_remove() and error handling path of m_ca…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2022-49024
|
2024-10-24 12:50 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251989
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: cfg80211: fix buffer overflow in elem comparison
For vendor elements, the code here assumes that 5 octets
are present witho…
|
CWE-120
Classic Buffer Overflow
|
CVE-2022-49023
|
2024-10-24 12:50 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251990
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
e100: Fix possible use after free in e100_xmit_prepare
In e100_xmit_prepare(), if we can't map the skb, then return -ENOMEM, so
e…
|
CWE-416
Use After Free
|
CVE-2022-49026
|
2024-10-24 12:49 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
