|
255841
|
5.4 |
MEDIUM
Network
|
perfexcrm
|
perfex_crm
|
A stored cross-site scripting (XSS) vulnerability in the Discussion section of Perfex CRM v1.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Cont…
|
CWE-79
Cross-site Scripting
|
CVE-2024-44851
|
2024-09-14 01:34 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255842
|
9.8 |
CRITICAL
Network
|
comfast
|
cf-xr11_firmware
|
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter iface.
|
CWE-77
Command Injection
|
CVE-2024-44466
|
2024-09-14 01:32 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255843
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE
copy_fd_bitmaps(new, old, count) is expected to copy the first
co…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-45025
|
2024-09-14 01:30 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255844
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
md/raid1: Fix data corruption for degraded array with slow disk
read_balance() will avoid reading from slow disks as much as poss…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-45023
|
2024-09-14 01:30 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255845
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mm/hugetlb: fix hugetlb vs. core-mm PT locking
We recently made GUP's common page table walking code to also walk hugetlb
VMAs wi…
|
CWE-667
Improper Locking
|
CVE-2024-45024
|
2024-09-14 01:30 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255846
|
3.9 |
LOW
Physics
|
redhat
opensc_project
|
enterprise_linux
opensc
|
A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs.
Insufficient…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-45618
|
2024-09-14 01:30 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255847
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion
wpa_supplicant 2.11 sends since 1efdba5fdc2c ("Handle PMKSA flush in t…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-46672
|
2024-09-14 01:29 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255848
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
igb: cope with large MAX_SKB_FRAGS
Sabrina reports that the igb driver does not cope well with large
MAX_SKB_FRAG values: setting…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-45030
|
2024-09-14 01:29 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255849
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
i2c: tegra: Do not mark ACPI devices as irq safe
On ACPI machines, the tegra i2c module encounters an issue due to a
mutex being …
|
CWE-667
Improper Locking
|
CVE-2024-45029
|
2024-09-14 01:29 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255850
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mmc: mmc_test: Fix NULL dereference on allocation failure
If the "test->highmem = alloc_pages()" allocation fails then calling
__…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-45028
|
2024-09-14 01:29 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
