|
256521
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: nexthop: Initialize all fields in dumped nexthops
struct nexthop_grp contains two reserved fields that are not initialized b…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-42283
|
2024-08-20 04:54 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256522
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: mediatek: Fix potential NULL pointer dereference in dummy net_device handling
Move the freeing of the dummy net_device from …
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-42282
|
2024-08-20 04:53 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256523
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
tipc: Return non-zero value from tipc_udp_addr2str() on error
tipc_udp_addr2str() should return non-zero value if the UDP media
a…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2024-42284
|
2024-08-20 04:47 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256524
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
RDMA/iwcm: Fix a use-after-free related to destroying CM IDs
iw_conn_req_handler() associates a new struct rdma_id_private (conn_…
|
CWE-416
Use After Free
|
CVE-2024-42285
|
2024-08-20 04:45 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256525
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
block: fix deadlock between sd_remove & sd_release
Our test report the following hung task:
[ 2538.459400] INFO: task "kworker/0…
|
CWE-667
Improper Locking
|
CVE-2024-42294
|
2024-08-20 04:43 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256526
|
9.8 |
CRITICAL
Network
|
projectworlds
|
online_examination_system
|
Projectworlds Online Examination System v1.0 is vulnerable to SQL Injection via the subject parameter in feed.php.
|
CWE-89
SQL Injection
|
CVE-2024-42843
|
2024-08-20 04:35 |
2024-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256527
|
8.8 |
HIGH
Network
|
xuxueli
|
xxl-job
|
Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component.
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-42681
|
2024-08-20 04:35 |
2024-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256528
|
6.8 |
MEDIUM
Physics
|
dieboldnixdorf
|
vynamic_security_suite
|
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR12, 4.0.0 SR04, 4.1.0 SR02, and 4.2.0 SR01 fails to validate the directory structure of the root file system during the Pre-Boot Authorizat…
|
NVD-CWE-noinfo
|
CVE-2023-24062
|
2024-08-20 04:05 |
2024-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256529
|
6.8 |
MEDIUM
Physics
|
dieboldnixdorf
|
vynamic_security_suite
|
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR16, 4.0.0 SR06, 4.1.0 SR04, 4.2.0 SR03, and 4.3.0 SR01 fails to validate symlinks during the Pre-Boot Authorization (PBA) process. This can…
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2023-33206
|
2024-08-20 04:04 |
2024-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256530
|
6.6 |
MEDIUM
Physics
|
dieboldnixdorf
|
vynamic_security_suite
|
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR15, 4.0.0 SR05, 4.1.0 SR03, and 4.2.0 SR02 fails to validate the directory contents of certain directories (e.g., ensuring the expected has…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2023-28865
|
2024-08-20 04:04 |
2024-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
