|
250881
|
5.3 |
MEDIUM
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to don't set SB_RDONLY in f2fs_handle_critical_error()
syzbot reports a f2fs bug as below:
------------[ cut here ]---…
|
CWE-362
Race Condition
|
CVE-2024-47689
|
2024-10-24 00:53 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250882
|
9.8 |
CRITICAL
Network
|
paxman
|
product_website_showcase
|
Unrestricted Upload of File with Dangerous Type vulnerability in Paxman Product Website Showcase allows Upload a Web Shell to a Web Server.This issue affects Product Website Showcase: from n/a throug…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-49611
|
2024-10-24 00:49 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250883
|
6.1 |
MEDIUM
Network
|
dotsquares
|
google_map_locations
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dotsquares Google Map Locations allows Reflected XSS.This issue affects Google Map Locatio…
|
CWE-79
Cross-site Scripting
|
CVE-2024-49606
|
2024-10-24 00:49 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250884
|
9.8 |
CRITICAL
Network
|
najeebmedia
|
simple_user_registration
|
Authentication Bypass Using an Alternate Path or Channel vulnerability in Najeeb Ahmad Simple User Registration allows Authentication Bypass.This issue affects Simple User Registration: from n/a thro…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-49604
|
2024-10-24 00:49 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250885
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
driver core: Fix a potential null-ptr-deref in module_add_driver()
Inject fault while probing of-fpga-region, if kasprintf() fail…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-47688
|
2024-10-24 00:36 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250886
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate()
The psc->div[] array has psc->num_div elements. These values come from…
|
CWE-193
Off-by-one Error
|
CVE-2024-47686
|
2024-10-24 00:34 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250887
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc()
If we need to increase the tree depth, allocate a new node, and…
|
CWE-362
Race Condition
|
CVE-2024-47668
|
2024-10-24 00:30 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250888
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
vdpa/mlx5: Fix invalid mr resource destroy
Certain error paths from mlx5_vdpa_dev_add() can end up releasing mr
resources which n…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2024-47687
|
2024-10-24 00:22 |
2024-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250889
|
- |
|
-
|
-
|
CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the membershipType parameter in edit_type.php
|
-
|
CVE-2024-48709
|
2024-10-24 00:13 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250890
|
- |
|
-
|
-
|
Multiple cross-site scripting vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the docname parameter in /doctor/edit-profile.php and adminremark parameter in /admin/query-detail…
|
-
|
CVE-2024-46239
|
2024-10-24 00:13 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
