|
256481
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/tcp: Disable TCP-AO static key after RCU grace period
The lifetime of TCP-AO static_key is the same as the last
tcp_ao_info. …
|
NVD-CWE-noinfo
|
CVE-2024-43887
|
2024-09-6 04:43 |
2024-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256482
|
4.9 |
MEDIUM
Network
|
dell
|
path_to_powerprotect
|
Dell Path to PowerProtect, versions 1.1, 1.2, contains an Exposure of Private Personal Information to an Unauthorized Actor vulnerability. A remote high privileged attacker could potentially exploit …
|
NVD-CWE-noinfo
|
CVE-2024-37136
|
2024-09-6 04:01 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256483
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
tracing: Fix overflow in get_free_elt()
"tracing_map->next_elt" in get_free_elt() is at risk of overflowing.
Once it overflows, …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-43890
|
2024-09-6 03:48 |
2024-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256484
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
tracing: Have format file honor EVENT_FILE_FL_FREED
When eventfs was introduced, special care had to be done to coordinate the
fr…
|
CWE-416
Use After Free
|
CVE-2024-43891
|
2024-09-6 03:46 |
2024-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256485
|
7.5 |
HIGH
Network
|
blood_bank_system_project
|
blood_bank_system
|
A vulnerability, which was classified as critical, was found in code-projects Blood Bank System 1.0. Affected is an unknown function of the file /login.php of the component Login Page. The manipulati…
|
CWE-89
SQL Injection
|
CVE-2024-8173
|
2024-09-6 03:39 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256486
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ASoC: cs-amp-lib: Fix NULL pointer crash if efi.get_variable is NULL
Call efi_rt_services_supported() to check that efi.get_varia…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-43896
|
2024-09-6 03:37 |
2024-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256487
|
5.4 |
MEDIUM
Network
|
lopalopa
|
music_management_system
|
A Reflected Cross Site Scripting (XSS) vulnerability was found in "/music/index.php?page=test" in Kashipara Music Management System v1.0. This vulnerability allows remote attackers to execute arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2024-42790
|
2024-09-6 03:36 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256488
|
9.8 |
CRITICAL
Network
|
seacms
|
seacms
|
SeaCMS v12.9 has a SQL injection vulnerability in the key parameter of /js/player/dmplayer/dmku/index.php?ac=so.
|
CWE-89
SQL Injection
|
CVE-2024-41444
|
2024-09-6 03:36 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256489
|
3.5 |
LOW
Network
|
lopalopa
|
music_management_system
|
A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System v1.0 via /music/ajax.php?action=delete_playlist page.
|
CWE-352
Origin Validation Error
|
CVE-2024-42792
|
2024-09-6 03:35 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256490
|
7.5 |
HIGH
Network
|
netskope
|
netskope
|
Netskope was notified about a security gap in Netskope Client enrollment process where NSClient is using a static token “Orgkey” as authentication parameter. Since this is a static token, if leaked, …
|
CWE-287
Improper Authentication
|
CVE-2024-7401
|
2024-09-6 03:34 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
