|
309111
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
x86/hyperv: fix kexec crash due to VP assist page corruption
commit 9636be85cc5b ("x86/hyperv: Fix hyperv_pcpu_input_arg handling…
|
NVD-CWE-noinfo
|
CVE-2024-46864
|
2024-10-4 00:29 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309112
|
7.8 |
HIGH
Local
|
papercut
|
papercut_ng
papercut_mf
|
An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows servers with Web Print enabled. To exploit this vulnerability, an attacker must first obtain local lo…
|
CWE-59
Link Following
|
CVE-2024-8404
|
2024-10-4 00:19 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309113
|
- |
|
-
|
-
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
-
|
CVE-2021-47220
|
2024-10-4 00:15 |
2024-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309114
|
7.5 |
HIGH
Network
|
microsoft
|
power_platform_terraform_provider
|
Power Platform Terraform Provider allows managing environments and other resources within Power Platform. Versions prior to 3.0.0 have an issue in the Power Platform Terraform Provider where sensitiv…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-47083
|
2024-10-4 00:11 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309115
|
9.3 |
CRITICAL
Adjacent
|
cisco
|
ios_xe
|
A vulnerability in the Central Web Authentication (CWA) feature of Cisco IOS XE Software for Wireless Controllers could allow an unauthenticated, adjacent attacker to bypass the pre-authentication ac…
|
CWE-863
Incorrect Authorization
|
CVE-2024-20510
|
2024-10-3 23:52 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309116
|
6.5 |
MEDIUM
Network
|
cisco
|
unified_threat_defense_snort_intrusion_prevention_system_engine
|
A vulnerability in Cisco Unified Threat Defense (UTD) Snort Intrusion Prevention System (IPS) Engine for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured sec…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-20508
|
2024-10-3 23:43 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309117
|
5.4 |
MEDIUM
Network
|
themedy
|
toolbox
|
The Themedy Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's themedy_col, themedy_social_link, themedy_alertbox, and themedy_pullleft shortcodes in all versi…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9177
|
2024-10-3 23:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309118
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
cgroup/cpuset: fix panic caused by partcmd_update
We find a bug as below:
BUG: unable to handle page fault for address: 00000003
…
|
NVD-CWE-noinfo
|
CVE-2024-44975
|
2024-10-3 23:32 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309119
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mm, slub: do not call do_slab_free for kfence object
In 782f8906f805 the freeing of kfence objects was moved from deep
inside do_…
|
NVD-CWE-noinfo
|
CVE-2024-44973
|
2024-10-3 23:23 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309120
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink
When all the strides in a WQE have been consumed, the WQE is unlinked
from t…
|
NVD-CWE-noinfo
|
CVE-2024-44970
|
2024-10-3 23:22 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
