|
307411
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nfsd: fix race between laundromat and free_stateid
There is a race between laundromat handling of revoked delegations
and a clien…
|
CWE-416
Use After Free
|
CVE-2024-50106
|
2024-11-13 00:07 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307412
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ASoC: qcom: sc7280: Fix missing Soundwire runtime stream alloc
Commit 15c7fab0e047 ("ASoC: qcom: Move Soundwire runtime stream al…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50105
|
2024-11-13 00:06 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307413
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ASoC: qcom: sdm845: add missing soundwire runtime stream alloc
During the migration of Soundwire runtime stream allocation from
t…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-50104
|
2024-11-13 00:05 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307414
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices
Previously, the domain_context_clear() function incorrectl…
|
NVD-CWE-noinfo
|
CVE-2024-50101
|
2024-11-12 23:59 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307415
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
USB: gadget: dummy-hcd: Fix "task hung" problem
The syzbot fuzzer has been encountering "task hung" problems ever
since the dummy…
|
NVD-CWE-noinfo
|
CVE-2024-50100
|
2024-11-12 23:57 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307416
|
- |
|
-
|
-
|
A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204. It has been classified as critical. Affected is an unknown function of the file /manager/frontdesk/online_status…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2024-11051
|
2024-11-12 22:56 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307417
|
- |
|
-
|
-
|
Cross-Site Request Forgery (CSRF) vulnerability in Chaser324 Featured Posts Scroll allows Stored XSS.This issue affects Featured Posts Scroll: from n/a through 1.25.
|
CWE-352
Origin Validation Error
|
CVE-2024-51647
|
2024-11-12 22:56 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307418
|
- |
|
-
|
-
|
The SysBasics Customize My Account for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tab’ parameter in all versions up to, and including, 2.7.29 due to ins…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10837
|
2024-11-12 22:56 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307419
|
7.3 |
HIGH
Network
|
-
|
-
|
The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.2. This is due to the soft…
|
CWE-94
Code Injection
|
CVE-2024-10640
|
2024-11-12 22:56 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307420
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Magical Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.4 via the get_content_type function in includes/widgets…
|
CWE-200
Information Exposure
|
CVE-2024-10352
|
2024-11-12 22:56 |
2024-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
