|
305811
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
exfat: fix memory leak in exfat_load_bitmap()
If the first directory entry in the root directory is not a bitmap
directory entry,…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-50013
|
2024-10-26 04:49 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305812
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: rtw89: wow: fix GTK offload H2C skbuff issue
We mistakenly put skb too large and that may exceed skb->end.
Therefore, we fi…
|
NVD-CWE-noinfo
|
CVE-2024-43844
|
2024-10-26 04:49 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305813
|
5.4 |
MEDIUM
Network
|
o-dyn
|
collabtive
|
Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under (a) action=add or action=edit within managemilestone.php file and (b) action=addpro within admin.php file.
|
CWE-79
Cross-site Scripting
|
CVE-2024-48707
|
2024-10-26 04:11 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305814
|
5.4 |
MEDIUM
Network
|
o-dyn
|
collabtive
|
Collabtive 3.1 is vulnerable to Cross-Site Scripting (XSS) via the name parameter in (a) file tasklist.php under action = add/edit and in (b) file admin.php under action = adduser/edituser.
|
CWE-79
Cross-site Scripting
|
CVE-2024-48708
|
2024-10-26 04:10 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305815
|
8.8 |
HIGH
Network
|
pandorafms
|
pandora_fms
|
A post-authentication SQL Injection vulnerability within the filters parameter of the extensions/agents_modules_csv functionality. This issue affects Pandora FMS: from 700 through <777.3.
|
CWE-89
SQL Injection
|
CVE-2024-9987
|
2024-10-26 04:06 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305816
|
8.8 |
HIGH
Network
|
pandorafms
|
pandora_fms
|
A post-authentication arbitrary file read vulnerability within the server plugins section in plugin edition feature. This issue affects Pandora FMS: from 700 through <777.3.
|
CWE-22
Path Traversal
|
CVE-2024-35308
|
2024-10-26 04:06 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305817
|
4.8 |
MEDIUM
Network
|
o-dyn
|
collabtive
|
Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under action=system and the company/contact parameters under action=addcust within admin.php file.
|
CWE-79
Cross-site Scripting
|
CVE-2024-46240
|
2024-10-26 04:00 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305818
|
7.5 |
HIGH
Network
|
phpgurukul
|
client_management_system
|
Client Management System 1.0 was discovered to contain a SQL injection vulnerability via the Between Dates Reports parameter at /admin/bwdates-reports-ds.php.
|
CWE-89
SQL Injection
|
CVE-2024-48570
|
2024-10-26 03:59 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305819
|
5.4 |
MEDIUM
Network
|
o-dyn
|
collabtive
|
Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the title parameter with action=add or action=editform within the (a) managemessage.php file and (b) managetask.php file respectively.
|
CWE-79
Cross-site Scripting
|
CVE-2024-48706
|
2024-10-26 03:58 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305820
|
4.3 |
MEDIUM
Network
|
qodeinteractive
|
qi_addons_for_elementor
|
The Qi Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.0 via private templates. This makes it possible for authenti…
|
NVD-CWE-noinfo
|
CVE-2024-9530
|
2024-10-26 03:52 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
