|
309671
|
7.5 |
HIGH
Network
|
jenkins
|
credentials
|
Jenkins Credentials Plugin 1380.va_435002fa_924 and earlier, except 1371.1373.v4eb_fa_b_7161e9, does not redact encrypted values of credentials using the `SecretBytes` type when accessing item `confi…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2024-47805
|
2024-11-14 02:32 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309672
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Fix possible deadlock in mi_read
Mutex lock with another subclass used in ni_lock_dir().
|
NVD-CWE-noinfo
|
CVE-2024-50245
|
2024-11-14 02:29 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309673
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Additional check in ni_clear()
Checking of NTFS_FLAGS_LOG_REPLAYING added to prevent access to
uninitialized bitmap dur…
|
NVD-CWE-noinfo
|
CVE-2024-50244
|
2024-11-14 02:28 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309674
|
4.3 |
MEDIUM
Network
|
jenkins
|
jenkins
|
If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of …
|
NVD-CWE-noinfo
|
CVE-2024-47804
|
2024-11-14 02:28 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309675
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/connector: hdmi: Fix memory leak in drm_display_mode_from_cea_vic()
modprobe drm_connector_test and then rmmod drm_connector_…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-50214
|
2024-11-14 02:25 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309676
|
4.3 |
MEDIUM
Network
|
northern.tech
|
mender
|
Northern.tech Mender before 3.6.5 and 3.7.x before 3.7.5 has Incorrect Access Control.
|
NVD-CWE-Other
|
CVE-2024-46948
|
2024-11-14 02:18 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309677
|
6.5 |
MEDIUM
Network
|
openc3
|
cosmos
|
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. OpenC3 COSMOS stores the password of a user unencrypted in the LocalStorage of …
|
-
|
CVE-2024-47529
|
2024-11-14 02:15 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309678
|
5.9 |
MEDIUM
Network
|
redhat
|
kroxylicious
|
A flaw was found in Kroxylicious. When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server's hostname, resultin…
|
CWE-295
Improper Certificate Validation
|
CVE-2024-8285
|
2024-11-14 02:15 |
2024-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309679
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: rtw89: avoid to add interface to list twice when SER
If SER L2 occurs during the WoWLAN resume flow, the add interface flow…
|
NVD-CWE-noinfo
|
CVE-2024-49939
|
2024-11-14 02:04 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309680
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: cfg80211: Set correct chandef when starting CAC
When starting CAC in a mode other than AP mode, it return a
"WARNING: CPU: …
|
NVD-CWE-noinfo
|
CVE-2024-49937
|
2024-11-14 02:02 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
