|
303701
|
5.3 |
MEDIUM
Network
|
landray
|
landray_ekp
|
A vulnerability, which was classified as critical, was found in Landray EKP up to 16.0. This affects the function delPreviewFile of the file /sys/ui/sys_ui_component/sysUiComponent.do?method=delPrevi…
|
CWE-22
Path Traversal
|
CVE-2024-11238
|
2024-11-20 04:01 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303702
|
7.2 |
HIGH
Network
|
eyoucms
|
eyoucms
|
A vulnerability classified as critical has been found in EyouCMS up to 1.6.7. Affected is an unknown function of the component Website Logo Handler. The manipulation leads to unrestricted upload. It …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-11211
|
2024-11-20 04:01 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303703
|
4.3 |
MEDIUM
Network
|
landray
|
landray_ekp
|
A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. This vulnerability affects the function deleteFile of the file /sys/common/import.do?method=deleteFile of the comp…
|
CWE-22
Path Traversal
|
CVE-2024-11239
|
2024-11-20 04:00 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303704
|
5.4 |
MEDIUM
Network
|
eyoucms
|
eyoucms
|
A vulnerability was found in EyouCMS 1.51. It has been rated as critical. This issue affects the function editFile of the file application/admin/logic/FilemanagerLogic.php. The manipulation of the ar…
|
CWE-22
Path Traversal
|
CVE-2024-11210
|
2024-11-20 03:42 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303705
|
6.5 |
MEDIUM
Network
|
craftcms
|
craft_cms
|
Craft is a content management system (CMS). The dataUrl function can be exploited if an attacker has write permissions on system notification templates. This function accepts an absolute file path, r…
|
CWE-22
CWE-552
Path Traversal
Files or Directories Accessible to External Parties
|
CVE-2024-52292
|
2024-11-20 03:27 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303706
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
drm/xe: Fix possible exec queue leak in exec IOCTL
In a couple of places after an exec queue is looked up the exec IOCTL
returns …
|
-
|
CVE-2024-53087
|
2024-11-20 03:15 |
2024-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303707
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
drm/xe: Drop VM dma-resv lock on xe_sync_in_fence_get failure in exec IOCTL
Upon failure all locks need to be dropped before retu…
|
-
|
CVE-2024-53086
|
2024-11-20 03:15 |
2024-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303708
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
tpm: Lock TPM chip in tpm_pm_suspend() first
Setting TPM_CHIP_FLAG_SUSPENDED in the end of tpm_pm_suspend() can be racy
according…
|
-
|
CVE-2024-53085
|
2024-11-20 03:15 |
2024-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303709
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
usb: typec: qcom-pmic: init value of hdr_len/txbuf_len earlier
If the read of USB_PDPHY_RX_ACKNOWLEDGE_REG failed, then hdr_len a…
|
-
|
CVE-2024-53083
|
2024-11-20 03:15 |
2024-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303710
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported
acpi_evaluate_object() may return AE_NOT_FOUND (failure), w…
|
-
|
CVE-2024-53060
|
2024-11-20 03:15 |
2024-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
