|
255991
|
4.3 |
MEDIUM
Network
|
helloasso
|
helloasso
|
The HelloAsso plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ha_ajax' function in all versions up to, and including, 1.1.10. This ma…
|
CWE-862
Missing Authorization
|
CVE-2024-7605
|
2024-09-12 23:24 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255992
|
5.3 |
MEDIUM
Network
|
mycred
|
mycred
|
Missing Authorization vulnerability in myCred.This issue affects myCred: from n/a through 2.7.2.
|
CWE-862
Missing Authorization
|
CVE-2024-43214
|
2024-09-12 23:17 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255993
|
- |
|
-
|
-
|
CVE-2024-45824 IMPACT
A remote
code vulnerability exists in the affected products. The vulnerability occurs
when chained with Path Traversal, Command Injection, and XSS Vulnerabilities
and allows …
|
-
|
CVE-2024-45824
|
2024-09-12 23:16 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255994
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
fou: remove warn in gue_gro_receive on unsupported protocol
Drop the WARN_ON_ONCE inn gue_gro_receive if the encapsulated type is…
|
NVD-CWE-noinfo
|
CVE-2024-44940
|
2024-09-12 23:10 |
2024-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255995
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
io_uring/poll: add hash if ready poll request can't complete inline
If we don't, then we may lose access to it completely, leadin…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2023-52914
|
2024-09-12 23:07 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255996
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
jfs: Fix shift-out-of-bounds in dbDiscardAG
When searching for the next smaller log2 block, BLKSTOL2() returned 0,
causing shift …
|
CWE-787
Out-of-bounds Write
|
CVE-2024-44938
|
2024-09-12 23:05 |
2024-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255997
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: do not start relocation until in progress drops are done
We hit a bug with a recovering relocation on mount for one of our…
|
NVD-CWE-noinfo
|
CVE-2022-48901
|
2024-09-12 23:05 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255998
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: do not WARN_ON() if we have PageError set
Whenever we do any extent buffer operations we call
assert_eb_page_uptodate() to…
|
NVD-CWE-noinfo
|
CVE-2022-48902
|
2024-09-12 23:01 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255999
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix relocation crash due to premature return from btrfs_commit_transaction()
We are seeing crashes similar to the followin…
|
NVD-CWE-noinfo
|
CVE-2022-48903
|
2024-09-12 22:58 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256000
|
9.8 |
CRITICAL
Network
|
sap
|
business_objects_business_intelligence_platform
|
In SAP BusinessObjects Business Intelligence
Platform, if Single Signed On is enabled on Enterprise authentication, an
unauthorized user can get a logon token using a REST endpoint. The attacker can
…
|
CWE-862
Missing Authorization
|
CVE-2024-41730
|
2024-09-12 22:56 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
