|
251711
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc()
In mlx5e_tir_builder_alloc() kvzalloc() may return NULL
which is dereferen…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50000
|
2024-10-26 04:55 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251712
|
8.8 |
HIGH
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: ath12k: fix invalid memory access while processing fragmented packets
The monitor ring and the reo reinject ring share the …
|
NVD-CWE-noinfo
|
CVE-2024-43847
|
2024-10-26 04:55 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251713
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
lib: objagg: Fix general protection fault
The library supports aggregation of objects into other objects only if
the parent objec…
|
NVD-CWE-noinfo
|
CVE-2024-43846
|
2024-10-26 04:52 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251714
|
3.3 |
LOW
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
udf: Fix bogus checksum computation in udf_rename()
Syzbot reports uninitialized memory access in udf_rename() when updating
chec…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-43845
|
2024-10-26 04:51 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251715
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
exfat: fix memory leak in exfat_load_bitmap()
If the first directory entry in the root directory is not a bitmap
directory entry,…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-50013
|
2024-10-26 04:49 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251716
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: rtw89: wow: fix GTK offload H2C skbuff issue
We mistakenly put skb too large and that may exceed skb->end.
Therefore, we fi…
|
NVD-CWE-noinfo
|
CVE-2024-43844
|
2024-10-26 04:49 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251717
|
5.4 |
MEDIUM
Network
|
o-dyn
|
collabtive
|
Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under (a) action=add or action=edit within managemilestone.php file and (b) action=addpro within admin.php file.
|
CWE-79
Cross-site Scripting
|
CVE-2024-48707
|
2024-10-26 04:11 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251718
|
5.4 |
MEDIUM
Network
|
o-dyn
|
collabtive
|
Collabtive 3.1 is vulnerable to Cross-Site Scripting (XSS) via the name parameter in (a) file tasklist.php under action = add/edit and in (b) file admin.php under action = adduser/edituser.
|
CWE-79
Cross-site Scripting
|
CVE-2024-48708
|
2024-10-26 04:10 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251719
|
8.8 |
HIGH
Network
|
pandorafms
|
pandora_fms
|
A post-authentication SQL Injection vulnerability within the filters parameter of the extensions/agents_modules_csv functionality. This issue affects Pandora FMS: from 700 through <777.3.
|
CWE-89
SQL Injection
|
CVE-2024-9987
|
2024-10-26 04:06 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251720
|
8.8 |
HIGH
Network
|
pandorafms
|
pandora_fms
|
A post-authentication arbitrary file read vulnerability within the server plugins section in plugin edition feature. This issue affects Pandora FMS: from 700 through <777.3.
|
CWE-22
Path Traversal
|
CVE-2024-35308
|
2024-10-26 04:06 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
